- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- CN-Series
- VM-Series:
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
- COVID-19 Response Center
Cannot update software since upgrading to 4.1
- LIVEcommunity
- Collaboration
- Discussions
- General Topics
- Cannot update software since upgrading to 4.1
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
01-03-2012 03:31 AM
Hello all,
I recently upgraded to the 4.1 OS from 4.0.1. The firewall settings are fine but for some reason whenever the firewall tries to download any new software like 4.1.1, GlobalProtect, Dynamic Updates it keeps getting the error "Failed due to network failure".
I have checked and made sure that the Managment Interface is not being blocked by URL or Security policies. I even see successful connections to update server but the error still keeps coming up.
Any thoughts?
Regards
Stephen
Accepted Solutions
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-08-2012 04:14 AM
I had the same issue on 4.1.0.
The Check now in Software only generated the following error message:
"Failed to check Content content upgrade info due to generic communication error"
I resolved the issue by doing this:
- Changed the Services - Primary DNS Server from internal dns server to external dns server.
- Changed Palo Alto Updates in Service Route Configuration to use external fw interface.
Software list is now updated and 4.1.2 are now downloading :)
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
01-03-2012 12:21 PM
From the CLI, test by issuing command 'ping host updates.paloaltonetworks.com'.
Also when you go into Dynamic Updates and Software, do you get any error when you click on 'Check Now' button?
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
01-03-2012 12:40 PM
I can ping successfully from CLI and I get the same error when I manually press Check Now for any download.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
01-03-2012 01:08 PM
Can you doublecheck the device's mgmt setting to ensure the update location is pointing to updates.paloaltonetworks.com?
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
01-03-2012 01:43 PM
Just to be specific it is in the Operations tab in the Setup section of the Device. The Update server is indeed 'updates.paloaltonetworks.com'
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
01-03-2012 01:47 PM
Configuration appears to be fine. You may want to check again to see if the traffic is being blocked upstream. I would suggest collecting a pcap and see.
Thanks.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
01-17-2012 10:24 AM
Hello,
I've been dealing with this same issue as well. It started with 4.1 for me too.
I can log into the firewall, and force it to update. But sometimes even then it gets stuck, and I have to log into the CLI and cancel the job.
Here's the email error message I get.
SYSTEM ALERT : high : Failed to check Content content upgrade info due to generic communication error
domain: 1
receive_time: 2012/01/17 13:14:20
serial: xxxxxxxxx
seqno: 11896
actionflags: 0x0
type: SYSTEM
subtype: general
config_ver: 0
time_generated: 2012/01/17 13:14:20
vsys:
eventid: general
object:
fmt: 0
id: 0
module: general
severity: high
opaque: Failed to check Content content upgrade info due to generic communication error
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
01-17-2012 11:14 AM
I am seeing similiar effects (4.1.1). I noticed today that an auto scheduled AV download was at 30% for more than a week now. Which must of been effecting the threat content download from starting. URL updates are up to date though. The particular date of over a week ago was also when I found the AV download stuck the first time. After killing the job - I can perform a manual download/install. Seems to happen during the auto scheduled download.
Cheers,
Mike
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
01-25-2012 12:13 PM
Has there been any update on this? There is more then one person reporting the issue now. I'm still getting the same error message I reported in my previous post.
Thanks,
Daniel
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
01-25-2012 08:15 PM
Please contact Support to open a case so that we can diagnose & have this issue track. Thanks.
- Update Remote Firewalls from Panorama Fails in General Topics
- PAN-OS for the PA3020 in General Topics
- Mac Built-in Firewall Issue GlobalProtect in GlobalProtect Discussions
- intermittent disconnect and client probing in GlobalProtect Discussions
- Looking to upgrade Panorama and firewalls from 9.1.5 to 10.0.6 in Best Practice Assessment Discussions
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
