10-07-2016 01:21 PM
I'm looking to see if anyone else is having an issue with dynamic updates past the 596 threat update on a 3050 running 6.1.2.
Here is what we are seeing. A while ago the 596 threat update came out and we encountered an issue. This was a known issue by Palo Alto. We then rolled back to the 595 update and encountered a problem where HTTP and HTTPS connections were failing with a resources unavailable error in the logs. We contacted Palo Alto and they had us disable dynamic updates and roll back again to 594. The issue then went away. Palo Alto cited 2 bugs in 6.1.2
70075 - fixed 6.1.3
Fixed an issue where a lack of content resources on a PA-3000 Series firewall caused some applications to be incorrectly identified or even fail. This fix ensures adequate resources are available for identifying and supporting all traffic sessions.
81370 - fixed 6.1.8
Fixed an issue where the firewall was unable to allocate a large memory block, which caused sessions to fail. This fix ensures adequate resources are available for a large memory block when needed.
We have not been given the OK yet to upgrade the gateways and it has not been fully proven these bugs are the issue. We were running on 6.1.2 for a long time with dynamic updates working just fine until this issue with 596. As a test we manually updated the secondary to 610 and failed over to it only to get the same results of resources not available errors. Palo Alto stated that update 610 had no issues.
Is anyone out there running successfully on 6.1.2 with threat updates higher than 596 or having the same problem we are? Does anyone know more about these bugs and how to prove they are the issue?
Thanks for any help!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!