cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Failed to check content upgrade info due to generic communication error.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
migration
L0 Member
‎08-29-2010 05:53 AM
‎08-29-2010 05:53 AM

Failed to check content upgrade info due to generic communication error.

Recently, I am getting "Failed to check content upgrade info due to generic communication error.  Please try again later" error message.

Do you have any idea about the problem?  I faced with this problem at two different PoC.

Thanks.

-Ismail

2 people had this problem.
Labels:
Tags (2)
0 Likes
Reply

Accepted Solutions
migration
L0 Member
‎03-10-2011 07:31 AM
‎03-10-2011 07:31 AM

For all interested parties:

After a support call to Palo Alto, it was determined that a "feature"(not a 'bug") that is "by design" was causing my issues.  Palo Alto says it is too costly to fix since there is a reasonable workaround.  If enough people complain to their SE, then maybe PA will fix the issue, which is still present in the new OS 4.0.x.

The fix was to add static ARP entries for each firewall's management interface in the layer3 sub-interface of the physical internal interface.

Once the ARP entries went in, my passive firewall was able to reach out to the Internet for PaloAlto updates.

Hope this helps!

Mike

View solution in original post

1 person found this solution to be helpful.
(1)
Reply

All Replies
ggutierrez
L3 Networker
‎08-29-2010 07:08 AM
‎08-29-2010 07:08 AM

We recently migrated the updates to a CDN. The auth requests still go to updates.paloaltonetworks.com but the downloads are sourced from the following url:

http//:c0002083.cdn1.cloudfiles.rackspacecloud.com

If there is a rule set to allow updates only from our update server then you will need to add the ip from the new url.

0 Likes
Reply
migration
L0 Member
‎08-29-2010 07:36 AM
‎08-29-2010 07:36 AM

I did not specify any rule about updates. I am using default settings(factory-default settings of PAN 3.1.4)

Is this normal situation?

Thanks.

0 Likes
Reply
ggutierrez
L3 Networker
‎08-29-2010 12:23 PM
‎08-29-2010 12:23 PM

You will need to configre a DNS server on the Device page to access the serrver. Be sure you can ping   updates.paloaltonetworks.com

0 Likes
Reply
kkotsis
Not applicable
‎09-01-2010 03:23 AM
‎09-01-2010 03:23 AM

Hello,

i have the same problem.

I am pinging updates.paloaltonetworks.com but i am getting the same error.

thanks,

Kostas

0 Likes
Reply
migration
L0 Member
‎03-07-2011 08:42 AM
‎03-07-2011 08:42 AM

Am having same issue here.  I am using two PA500's in an HA arrangement.  One firewall(active one) can retrieve the updates normally while the second, passive, firewall receives the error.

0 Likes
Reply
sandro
Not applicable
‎03-09-2011 09:36 PM
‎03-09-2011 09:36 PM

I'm having same problem too.

0 Likes
Reply
migration
L0 Member
‎03-10-2011 07:31 AM
‎03-10-2011 07:31 AM

For all interested parties:

After a support call to Palo Alto, it was determined that a "feature"(not a 'bug") that is "by design" was causing my issues.  Palo Alto says it is too costly to fix since there is a reasonable workaround.  If enough people complain to their SE, then maybe PA will fix the issue, which is still present in the new OS 4.0.x.

The fix was to add static ARP entries for each firewall's management interface in the layer3 sub-interface of the physical internal interface.

Once the ARP entries went in, my passive firewall was able to reach out to the Internet for PaloAlto updates.

Hope this helps!

Mike

View solution in original post

1 person found this solution to be helpful.
(1)
Reply
ldormond
L3 Networker
‎10-10-2011 12:35 AM
‎10-10-2011 12:35 AM

Hello,

I am facing the same issue.

I have a Active/Passive PA2050 cluster and I get the same errir message on both devices when trying to check for new update content.

I have configured the appliances to only use mgmt interface and both firewalls can ping the update server (so there is no ARP issue) from the mgmt interface but I still get this error.

Any  idea?

Regards,

Laurent

0 Likes
Reply
lnwh
Not applicable
‎10-12-2011 11:35 PM
‎10-12-2011 11:35 PM

The fix was to add static ARP entries for each firewall's management interface in the layer3 sub-interface of the physical internal interface.

Once the ARP entries went in, my passive firewall was able to reach out to the Internet for PaloAlto updates.

Nice fix it works for me.

I can ping update server but can't dowload files but after this fix it is works.

Thanks

Niklas

0 Likes
Reply
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

Latest Blogs
Latest Posts
Privacy Policy Terms of Use
Copyright 2007 - 2021 - Palo Alto Networks