Dynamic Update from Panorama doesn't work

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Dynamic Update from Panorama doesn't work

L0 Member

I want to use Panorama to perform dynamic updates for the "Antivirus" and "Applications and Threat" sections.

On remote firewalls, I configured Panorama as the update server.
I also scheduled the automatic update via a template.

In Panorama, I have the latest versions of "Antivirus" and "Applications and Threat" installed. However, they are never deployed on remote equipment.

I also tried to manually push them on the firewalls, but I get an error message that the server cannot be reached.

What's also weird is that when I go to remote FWs and check for available updates, I don't get the same information about remote FWs.

Can you help me?

Translated with www.DeepL.com/Translator

3 REPLIES 3

L5 Sessionator

Hi @MarcRestelli

 

"On remote firewalls, I configured Panorama as the update server."

 

Did you set the update server (Device -> Setup -> Services) to the IP of the Panorama? If so, this isn't necessary and should be changed back.

 

Managing Dynamic Updates via Panorama should be done via Panorama > Device Deployment > Dynamic Updates. Please do refer to the below documentation.

 

https://www.paloaltonetworks.com/documentation/71/panorama/panorama_adminguide/manage-licenses-and-u...

 

Thanks,

Luke.

 

Hi @LukeBullimore,

 

Thank you for your answer.

 

Yes, I tried with the dns name and IP address but it doesn't work with either of them.

 

However, since Panorama I see that there are new versions, but since the remote equipment I do not see them. On another remote device, I left updates.paloaltonetworks.com as server and there I see the new versions.

 

I don't know where else to look.

 

Hi @MarcRestelli,

 

Please keep the update server on all devices as "updates.paloaltonetworks.com"

 

Please could you clarify your question? On Panorama you see the latest Dynamic Updates but on the firewalls you don't?

 

After changing the update server back, please click "Check Now" from Device -> Dynamic updates to see the updates; provided the firewall has internet connectivity from the management interface, it will pull these updates from the update server.

 

If you wish to push and manage content updates via Panorama, please refer to my previous note.

 

Thanks,

Luke.

 

  • 4198 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!