Apps and Threats 578-3263 *URGENT* *SOLVED*

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Apps and Threats 578-3263 *URGENT* *SOLVED*

L3 Networker

We have had a few issues with customers and their network when upgrading to the latest Apps and Threats update.

 

Can anyone comment on this at all?


A few examples of issues are that decryption is not working, and communication to the LDAP server was lost. Sessions are closed with the error message "resources unavailable".

 

Regards

Jack

1 accepted solution

Accepted Solutions

L1 Bithead

Hello Jack,

 

Revert to content 577.

 

Kind regards,

Roland

View solution in original post

25 REPLIES 25

L1 Bithead

Hello Jack,

 

Revert to content 577.

 

Kind regards,

Roland

Hi Roland,

 

Thanks for providing the solution, but I am just letting people know/asking if anyone else is having the same issue.


Cheers

Jack

We were warned of issues with 578-3263 by some colleagues, so we we've temporarily disabled automatic updates.

 

The issue seems to be with the update signature for msrpc.

Yes, others experience the same problem.

With 578-3267 we had problems regarding DNS. Queries returned 0 bytes.

 

Elmar

L3 Networker

Apps and Threats Update 578 is pulled by Palo Alto.

Waiting for their statement.

L1 Bithead

We were also seeing many sessions ending due to 'resources'unavailable' after updating to app and threat 578.  Restarting the dataplane seemed to clear it up temporarily.  I have reverted to version 577 on all of our boxes and disabled automatic updates until I see some kind of respose from Palo Alto indicating the issue has been resolved.

 

 

Hi Sam,

 

Palo have informed us that they have now removed 578 from the update server and that reverting to 577 is a workaround.

 

We haven't had anything more on the status of a new content update, but I'm sure they'll extensively test the next one before it comes out. 🙂

 

Cheers

Jack

L4 Transporter

Hi @Jack_Howells,

 

We have the same issue on different customers enviroment.

We reverto to 577 .. What a huge problem!!! 😧

 

Everything was down in term of connectivity on customers side

 

I hope everyone solved this

BR

That was particularly painful...

Agreed.  I was not expecting to find the solution the issue in that place.  As we were working backwards through the issue, it was the only thing that made sense af far as the timeline of failure as we saw it on our end.

L4 Transporter

Hi all,

 

I have tested another work-around, simply reboot your PA firewall solve this issue.

Also I Have tested with 7.1.0 and I can clearly see that 578 content doesn't cause any kind of issue with this PAN-os version.

 

So in conclusion you can:

 

- Revert to 577

- Reboot your PA firewall

- Install latest PAN-os version 7.1

 

All of these options solve this issue.

 

Best Regards

Luca

Hi Luca,

 

This is brilliant, thanks for your hard work.

 

However.. Palo have removed the 578 content update from the update server, so this is now irrelevant 😛

 

I appreciate your efforts however, good job!

I was told only the 3K platforms are affected and it is a resource depletion issue. Can anyone confirm if they've seen the issue on other platforms? I've confirmed that at least 2 PAN-VM series don't have the issue with update 578.

  • 1 accepted solution
  • 11316 Views
  • 25 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!