PAN-OS 9 - Wildfire Updates skipping; claiming that a newer version already is installed

L2 Linker

PAN-OS 9 - Wildfire Updates skipping; claiming that a newer version already is installed

I have upgraded to PAN-OS 9 yesterday, so far without 'bigger' issues, except:


  • EDL updates keep failing, claiming that the downloaded file is not a ext file thus using the old version
    -> interim fix was to remove the checkmark "block unknown certificate status" on the certificate profile for the EDLs
  • NTP updates keep failing without further info, just a log entry notifying about the fact
  • and the worst bit: Wildfire updates always have to be installed manually now. I have not found a solution to this.

See attached pics re Wildfire.


Bildschirmfoto 2019-02-13 um 19.38.33.png


Bildschirmfoto 2019-02-13 um 19.38.12.png


Cyber Elite


I would make sure that no traffic is being blokced with regards to this traffic. If nothing is, I would open a support case. There are quite a few defects in this release that are known and maybe this is a new unknown.



L2 Linker

the setup has been working flawless under 8.x.x


I have disabled ssl inspection on the interface used by the pan to grab edls and the pan updates, same result. the ntp I have switched to an internal one, same result. error category is auth, error message says ntp sync to server fail, authentication type none. it's a plain vanilla ntp server.


one wildfire update has succeeded in the last hour, since then I am receiving the error messages above.


what a rollercoaster ride.

Cyber Elite

Would rolling back to the previous code work for your environment? I would even contact suppor and ask their assistance. Honestly they might have released 9 but I would wait until at least 9.0.3 or .4 until moving to it unless there is a feature you truly need.

L2 Linker

I have kept a backup of the 8.0.16 configuration to roll back just in case. It's not a production device, just running on my home network, so not a big deal tbh.

Cyber Elite

Phew, good on you for testing prior to production :).  The config should remain the same, you just need to have 8.0.0 code downloaded as well as 8.0.16.


Good luck!

L2 Linker

for my home network it's the "production device", so make or break :) but I never would roll out any updates to a corporate device this fast.

L4 Transporter

Are you still seeing the error?  I have not getting those errors for 2 days now..



L2 Linker

I have rolled back to 8.1.6 as I was not able to get this solved, but as long as I have been on 9.0 those error have been prevalent.

L4 Transporter

Thanks for getting back to me.  I have not getting any wildfire update error anymore.  I am hoping PAN fixed on the updated file packaging...

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!