02-13-2019 10:49 AM
I have upgraded to PAN-OS 9 yesterday, so far without 'bigger' issues, except:
See attached pics re Wildfire.
02-13-2019 12:05 PM
Hello,
I would make sure that no traffic is being blokced with regards to this traffic. If nothing is, I would open a support case. There are quite a few defects in this release that are known and maybe this is a new unknown.
Regards,
02-13-2019 12:40 PM
the setup has been working flawless under 8.x.x
I have disabled ssl inspection on the interface used by the pan to grab edls and the pan updates, same result. the ntp I have switched to an internal one, same result. error category is auth, error message says ntp sync to server fail, authentication type none. it's a plain vanilla ntp server.
one wildfire update has succeeded in the last hour, since then I am receiving the error messages above.
what a rollercoaster ride.
02-13-2019 12:44 PM
Would rolling back to the previous code work for your environment? I would even contact suppor and ask their assistance. Honestly they might have released 9 but I would wait until at least 9.0.3 or .4 until moving to it unless there is a feature you truly need.
02-13-2019 12:48 PM
I have kept a backup of the 8.0.16 configuration to roll back just in case. It's not a production device, just running on my home network, so not a big deal tbh.
02-13-2019 12:50 PM
Phew, good on you for testing prior to production :). The config should remain the same, you just need to have 8.0.0 code downloaded as well as 8.0.16.
Good luck!
02-13-2019 12:55 PM
for my home network it's the "production device", so make or break 🙂 but I never would roll out any updates to a corporate device this fast.
02-16-2019 07:08 PM
Are you still seeing the error? I have not getting those errors for 2 days now..
E
02-17-2019 12:06 AM
I have rolled back to 8.1.6 as I was not able to get this solved, but as long as I have been on 9.0 those error have been prevalent.
02-17-2019 06:20 AM
Thanks for getting back to me. I have not getting any wildfire update error anymore. I am hoping PAN fixed on the updated file packaging...
02-17-2019 09:35 AM
I just have given it another try becuase of the dns service and bulletproof hosters edl. Wildfire issues still seems to exist, I'll keep an eye on it. THis time I noticed another thing- all my custom URL Filtering Lists have been reset to allow all! Might be worth checking yours aswell.
02-17-2019 12:28 PM
The problem with EDLs failing to refresh also still exists. I had set up a certificate profile for each additional edl I use. With 8.1.6 it works flawless, with 9.0 I cannot get it to work with an certificate profile attached. I have set it to none for the EDLs to refresh. I receive different error messages, ranging from ocsp cannot be queried to failed to refresh, using local copy.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
