Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
06-30-2019 11:55 PM
Hi,
We are having issues with commit in the FWs from last Wednesday. The error that we receive is: "Error: Profile compiler : can not find tid 40006 in threat database". The commit finishes correctly, but with the warning of the error.
We have revert the content update of the apps and threats to a previous one and the commit finishes correctly. With the latest content updates we are having issues too.
¿Any idea why are we receiving the error? We have checked that the threat ID 40006 exists.
Regards.
07-01-2019 11:05 AM
Hello,
Try to install a newer version or revert to the previous one and try upgrading again. If this doesnt work, perhaps a call to tech support.
Regards,
07-01-2019 02:22 PM
You might have an exception for Threat ID 40006 in one or more of your security profiles. A simple way to check your whole config for that can be done in CLI:
> show config running
hit / (forward slash) to begin searching, and enter:
40006
You'll have to scroll up (using the "J" key, may also work with arrow keys) to the top of that entry to find the profile name, and there may be multiple profiles that have it.
07-02-2019 12:12 AM
Warning message comes from firewall because Threat ID 40006 was disabled starting from Application version 8165 and later.
Please find below release note.
07-10-2019 10:48 AM - edited 07-10-2019 10:53 AM
I did what you suggested from the CLI and found the 40006 threat exception. The WebUI did not show it in the exceptions list for me to delete from there. I went back to the CLI, and fumbled my way through it using the following...
This is used to get the output in "set" format. (This helps those of us who are not overly familiar with PAN-OS CLI.)
> set cli config-output-format set
Enter Config mode.
> configure
Show configuration and search for Threat ID 40006.
# show /40006
or
# show | match 40006
Use the above output results to create a "delete" command.
# delete profiles vulnerability "vuln-profile-name" threat-exception 40006
Commit changes.
# commit
Problem solved.
07-11-2019 05:39 AM
Hi,
We opened a tech support case, and they confirm that the treat id was disabled. Actually we have received a update that they are going to include the threat id next week.
Thank you everyone for the help!!
07-17-2019 09:09 PM
08-05-2019 04:04 AM
Hi,
Actually with the latest content update, it has been included.
Regards.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
