Anybody else encountering this issue in the last days?
Content and antivirus updates are failing with "Failed to download due to generic communication error. Please try again later."
The internet access itself is OK. The issue seems to be on the Palo Alto Networks side.
Thanks for reply.
When I click on "Check Now" it shows new version, but when clicking on "Download" get this "Generic..." error message. After multiple attempts, it eventually works. The mgmt interface is used for download which in the end arrives at the firewall from trust to untrust where I cannot see any dropped traffic regarding "paloalto-updates" appid.
if you try :-
traceroute source <management ip> host updates.paloaltonetworks.com
does it route to the trusted interface as expected? perhaps try a few times to see if you have an issue ...
also.. just for a test.. change the updates service route to go via the external interface.
Changing service route is not possible on Panorama.
But I found the issue: Some of the update traffic is now classified as "ssl" and not "paloalto-updates". When you try multiple times, it eventually contacts a download server which is classified as "paloalto-updates". With "ssl" added to the rule, it works now instantly and every time. Thanks for your help.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!