Cannot update software since upgrading to 4.1

Showing results for 
Search instead for 
Did you mean: 

Cannot update software since upgrading to 4.1

L2 Linker

Hello all,

I recently upgraded to the 4.1 OS from 4.0.1. The firewall settings are fine but for some reason whenever the firewall tries to download any new software like 4.1.1, GlobalProtect, Dynamic Updates it keeps getting the error "Failed due to network failure".

I have checked and made sure that the Managment Interface is not being blocked by URL or Security policies. I even see successful connections to update server but the error still keeps coming up.

Any thoughts?




Accepted Solutions

L0 Member

I had the same issue on 4.1.0.

The Check now in Software only generated the following error message:

"Failed to check Content content upgrade info due to generic communication error"

I resolved the issue by doing this:

  • Changed the Services - Primary DNS Server from internal dns server to external dns server.
  • Changed Palo Alto Updates in Service Route Configuration to use external fw interface.

Software list is now updated and 4.1.2 are now downloading :)

View solution in original post


L6 Presenter

From the CLI, test by issuing command 'ping host'.

Also when you go into Dynamic Updates and Software, do you get any error when you click on 'Check Now' button?

I can ping successfully from CLI and I get the same error when I manually press Check Now for any download.

Can you doublecheck the device's mgmt setting to ensure the update location is pointing to

Just to be specific it is in the Operations tab in the Setup section of the Device. The Update server is indeed ''

Configuration appears to be fine.  You may want to check again to see if the traffic is being blocked upstream.  I would suggest collecting a pcap and see.



I've been dealing with this same issue as well. It started with 4.1 for me too.

I can log into the firewall, and force it to update. But sometimes even then it gets stuck, and I have to log into the CLI and cancel the job.

Here's the email error message I get.

SYSTEM ALERT : high : Failed to check Content content upgrade info due to generic communication error

domain: 1
receive_time: 2012/01/17 13:14:20
serial: xxxxxxxxx
seqno: 11896
actionflags: 0x0
type: SYSTEM
subtype: general
config_ver: 0
time_generated: 2012/01/17 13:14:20
eventid: general
fmt: 0
id: 0
module: general
severity: high
opaque: Failed to check Content content upgrade info due to generic communication error

L4 Transporter

I am seeing similiar effects (4.1.1).  I noticed today that an auto scheduled AV download was at 30% for more than a week now.  Which must of been effecting the threat content download from starting.  URL updates are up to date though.  The particular date of over a week ago was also when I found the AV download stuck the first time.  After killing the job - I can perform a manual download/install.  Seems to happen during the auto scheduled download.  



Has there been any update on this? There is more then one person reporting the issue now. I'm still getting the same error message I reported in my previous post.



Please contact Support to open a case so that we can diagnose & have this issue track.  Thanks.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!