This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Download and update problem

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Download and update problem

dimat
Not applicable

‎06-28-2011 06:52 AM

hello,

i have PA-2020 v3.1.6 that install between CP and backbone switch,

while my users try to do ms-update or download big size file, my PA stop the session after then complete about 25%

Maybe anyone recognize this issue ?  

0 Likes Likes
5 REPLIES 5

swhyte
L4 Transporter

‎07-04-2011 06:47 AM

The PA may have detected a threat or a file type that you are blocking or QOS may be throttling the session (that is if you have QOS configured). To aid in isolating you can create a policy for these sessions and not add a profile to the policy. If the downloads are still stopping, you can call in to support to aid in troubleshooting this.

thanks,

Stephen 

0 Likes Likes

mrajdev
L4 Transporter
In response to swhyte

‎07-05-2011 07:02 AM

Are you using IE browser to download the MS-Update? If you are then can you please try firefox or Chrome, as I have seen this issue when IE was used to download the MS-Update.

Hope this helps.

Thanks

0 Likes Likes

bhavin_bhatt
Not applicable
In response to mrajdev

‎07-05-2011 07:12 AM

Hi mrajdev,

microsoft updates are usually triggered by the operating sytem, so no browsers involved.

Cheers

Bhav

0 Likes Likes

bryan
L3 Networker
In response to bhavin_bhatt

‎07-05-2011 08:35 PM

Hello Bhav,


Can you confirm via Monitor->Traffic & Monitor->Threat whether discards/resets/drops, etc... are occurring during the time of the updates?


You could also manually launch a windows update from the client (Browser or Start->All Programs->Windows Update), then either filter the source IP of the client via the WebUI/Monitor Tab ( addr.src in x.x.x.x ) or via a session trace from CLI:


show session all filter source <ip>

(Keep pressing Up Arrow & Enter & verify session status ACTIVE, DISCARD, etc…)


You can also apply a similar filter to the URL filtering logs as well in the WebUI (Monitor->URL Filtering) as you may have a blocked category that happens to be hosting content (i.e., content-delivery-networks) that is being referenced/pulled from an external sites during update downloads.


Regards,


Bryan

0 Likes Likes

bhavin_bhatt
Not applicable
In response to bryan

‎07-06-2011 02:02 AM

Hi Bryan,

Thanks for the update. i have now allowed everything through a single server, which will then deploy updates to the rest of the PCs...

thanks for the response again.

Cheers

Bhav

0 Likes Likes
  • 3419 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks