Issue CDN and AVG Update

Hallo Community,

I have an issue about AVG and CDN. I used PA 220 with Detials :

1. AVG Update

Regarding this issue, when I created specific rule with source IP address my workstation for AVG with application avg-update and I try hit update avg from my workstation. AVG  update always failed, can not update. And I tried create specific rule with source IP address my workstation and application any, and I tried hit update avg from my workstation, sometimes failed and sometimes succeed. when I looked traffic AVG on Log Monitor Paloalto. Traffic AVG used avast-av-update or ssl application not used avg-update application. I have already update dynamic update to latest. the result always same, traffic used ssl and avast-av-update, sometime succeed updated and sometimes failed. Could community give me clue for resolve this issue, please?

2. CDN

I could access this CDN http://global.oktacdn.com/ with http (web browsing app), but when used ssl I can not access https://global.oktacdn.com/ , connection always reset. I used two platform windows and linux, the results always same. It is very unique, when I checked on Log:

- There is no traffic ssl arrived to paloalto from both platform

- there iss no blocking from URL or Threat or Data Filtering

If I open github.com, google.com with ssl or another web with ssl, it is fine. I could open url expected global.oktacdn.com.

Could community give me clue for resolve this issue, please?

Thank advance for helping me.

Best Regards

Dwiyan