04-13-2016 02:34 AM - edited 04-13-2016 03:09 AM
We have had a few issues with customers and their network when upgrading to the latest Apps and Threats update.
Can anyone comment on this at all?
A few examples of issues are that decryption is not working, and communication to the LDAP server was lost. Sessions are closed with the error message "resources unavailable".
Revert to content 577.
04-13-2016 03:09 AM
Thanks for providing the solution, but I am just letting people know/asking if anyone else is having the same issue.
04-13-2016 03:12 AM
We were warned of issues with 578-3263 by some colleagues, so we we've temporarily disabled automatic updates.
The issue seems to be with the update signature for msrpc.
04-13-2016 03:13 AM
Yes, others experience the same problem.
04-13-2016 04:34 AM
With 578-3267 we had problems regarding DNS. Queries returned 0 bytes.
04-13-2016 04:52 AM - edited 04-13-2016 05:16 AM
Apps and Threats Update 578 is pulled by Palo Alto.
Waiting for their statement.
04-13-2016 06:17 AM
We were also seeing many sessions ending due to 'resources'unavailable' after updating to app and threat 578. Restarting the dataplane seemed to clear it up temporarily. I have reverted to version 577 on all of our boxes and disabled automatic updates until I see some kind of respose from Palo Alto indicating the issue has been resolved.
04-13-2016 06:25 AM
Palo have informed us that they have now removed 578 from the update server and that reverting to 577 is a workaround.
We haven't had anything more on the status of a new content update, but I'm sure they'll extensively test the next one before it comes out. 🙂
04-13-2016 06:28 AM
We have the same issue on different customers enviroment.
We reverto to 577 .. What a huge problem!!! 😧
Everything was down in term of connectivity on customers side
I hope everyone solved this
04-13-2016 06:56 AM
That was particularly painful...
04-13-2016 07:02 AM
Agreed. I was not expecting to find the solution the issue in that place. As we were working backwards through the issue, it was the only thing that made sense af far as the timeline of failure as we saw it on our end.
04-13-2016 07:54 AM
I have tested another work-around, simply reboot your PA firewall solve this issue.
Also I Have tested with 7.1.0 and I can clearly see that 578 content doesn't cause any kind of issue with this PAN-os version.
So in conclusion you can:
- Revert to 577
- Reboot your PA firewall
- Install latest PAN-os version 7.1
All of these options solve this issue.
04-13-2016 09:06 AM
This is brilliant, thanks for your hard work.
However.. Palo have removed the 578 content update from the update server, so this is now irrelevant 😛
I appreciate your efforts however, good job!
04-13-2016 09:08 AM
I was told only the 3K platforms are affected and it is a resource depletion issue. Can anyone confirm if they've seen the issue on other platforms? I've confirmed that at least 2 PAN-VM series don't have the issue with update 578.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!