Apt-Get Traffic Allowed but Vendor Receiving Install Error

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Apt-Get Traffic Allowed but Vendor Receiving Install Error

L0 Member

We are working with a vendor who is attempting to install apt-get files onto our test server 172.23.10.44. Traffic was not allowed yesterday, but now is today after I associated application of "apt-get" to application group. Now traffic is allowed, but the vendor is stating the following error still which they were getting before I made the change: 

 

TASK [Apt | Update] ************************************************************

fatal: [127.0.0.1]: FAILED! => {"changed": false, "failed": true, "msg": "Could not fetch updated apt files"}

 

I don't see any new failed traffic from this.

 

Below is the traffic being allowed: 

Bullix36_0-1660749258389.png

 

Here is a screenshot of one of their detailed logs: 

 

Bullix36_1-1660749377889.png

Is there anymore I could do from a Panorama perspective? Or does the vendor need to investigate their install files? 

 

Any guidance would be appreciated. Thank you,

2 REPLIES 2

L3 Networker

Hello,

 

I don't see any issues with those sessions, they look healthy with 2-way traffic.

 

In this situation I would take a packet capture either on the firewall, or on the server itself with tcpdump to analyse the traffic flow. Since it appears to be plaintext HTTP, the HTTP responses might be indicative of the issue (For example you might see 404 not found for some out of date repository URL).

 

Otherwise I'm not sure if there is a more verbose output available for apt-get to shed more light on why it failed.

 

Regards,

- DM

Sr. Technical Support Engineer, Strata

Cyber Elite
Cyber Elite

@Bullix36,

Since this looks like a task being ran from whatever they are attempting to install, I would try to get information on what its actually attempting to do during this task and attempt to replicate it directly outside of their install process. Your traffic is perfectly fine according to your logs, but it could easily be something else that is failing that doesn't actually have a good error message associated with it (if I had a dollar for every time an error message sent me chasing the wrong thing, I'd be a rich man). 

  • 2236 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!