Multiple issues on Dynamic Updates PA-220

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Multiple issues on Dynamic Updates PA-220

L1 Bithead

Hi Palo Alto Community Team,


I'm facing Multiple issues on Dynamic Updates PA-220, the thing is, in our company we have a PA-220 available and with active Premium Support license for all 2023, this FW was restored using factory reset process and get back to PAN-OS 8.0.7 and updated following the order


8.0.7 > 8.0.19-h1


The FW was updated but now we're receiving an error message when try to update from 8.0.19-h1  to   8.1.0, apparently issue comes on the Dynamic Updates on the FW that stop appearing for 8.0 PAN-OS Version since August 2022, in this case I try to do it manually from the


PA CSP -> Updates > Dynamic Updates




But all updates for all categories are from this year 2023, I download and upload manually on the FW the


panupv2-all-apps-8687-7932 dated on March 17, 2023


But when is loading FW CPU goes over 100% and get an error, although the error when go to


Dynamic Updates > Install From File > Package Type > Apps And Threats > panupv2-all-apps-8687-7932 




The file appears to be available but when install shows another error.



My question here would be,

1.- ¿Is there a Dynamic Updats Library previous versions of Dynamic updates for previous PAN-OS Version can be downloaded?

2.- ¿Is there any way, using console or WebGui to load directly de PAN-OS 9.1 or higher in order to be able to upgrade the Firewall with a Factory reset ?

Thanks in advance for your answers


Cyber Elite
Cyber Elite


Make sure your management interface can get to the internet without any decryption or inspection policies. Then go to Device->Dynamic Updates. At the bottom, click 'Check Now'. this will have the palo alto reach out to the internet services and grab the latest versions. Once you download and install the App/Threats one, click the check now again and download and install the antivirus ones.


Also you can grab a secure config from .




L1 Bithead

Hi  @OtakarKlier , thanks for your answer.


Yes, I have completed the configuration of the device in order to reach internet with the DNS servers, in  this case I have not generated any rule yet, only have the MGMT configuration to be accessed remotely, run a couple CLI tests in order to double check.




Using CLI with MGMT IP address as a source as well



Also I was able to obtain a Dynamic Update from other sources




Loaded but when try to install it  obtain a differente error, looks like updates are also linked to license as well.



In this case Is it possible to install the PAN-OS from a USB and using some recovery or factory mode?, I think that would be the fastest solution

Cyber Elite
Cyber Elite


I dont think you need to factory reset it. You need the dynamic updates regardless. I would check the traffic in the logs to see why/if its getting blocked etc.



  • 3 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!