opaque: Failed to check WildFire content upgrade info due to generic communication error

Announcements

ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.

Reply
Highlighted
L4 Transporter

opaque: Failed to check WildFire content upgrade info due to generic communication error

Any suggestions please?

I have it set to update every 15 minutes at an odd number of minutes to hopefully avoid "Let's all download at 00:00".

Doesn't happen all the time but it does happen more than I'd expect given we have a solid/stable leased line connection.

Highlighted
L7 Applicator

Hello,

Few related discussion on the forum, might help you.

:

generic communication error

Re: updates.paloaltonetworks.com connectivity

Thanks

Highlighted
L4 Transporter

We have had same issue for wildfire as well as content update check. We used to get bunch of emails on daily basis. I had a case open with support but dont think any resolution was provided. The alerts stopped for last few months however started again since week. Not sure if there is anything changed Palo Alto side.

Highlighted
L4 Transporter

We had a reply from support saying Palo Alto "upgraded" their WildFire servers last week and since then some other people have apparently logged similar issues so they suspect it's something at Palo Alto's end - they are going to check with Palo Alto.

Highlighted
L4 Transporter

So support are suggesting change the update server from updates.paloaltonetworks.com to staticupdates.paloaltonetworks.com

Both point to exactly the same data center though, same route.

Highlighted
L4 Transporter

Still seeing this - any ideas at all?

Highlighted
L4 Transporter

Talking to myself I guess :smileylaugh:

Support have had a tech support bundle, I don't think they'll find anything as a Palo Alto SE has said that use of WildFire has increased massively and he's heard anecdotes about the back-end needing to be upgraded etc.

It would be nice if there is an issue if Palo Alto simply acknowledged it as it would save wasting Exclusive's time on something that can't be fixed by anything they or I do.

Highlighted
L7 Applicator

I suspect that at least part of this is that wildfire does the every 15 minute update on the hour exact for all users and cannot be configured.  I had run into issues juggling the various update times on the devices to prevent conflicts.  I can only imagine what the traffic looks like on the hub side.

You are of course right, that PA just needs to acknowledge some kind of DC issue on their side so we don't crawl the configs and waste time trying to fix what we have no control over.

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!