cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

PAN-OS 9 - Wildfire Updates skipping; claiming that a newer version already is installed

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Reply
pan219
L2 Linker
‎02-13-2019 10:49 AM
‎02-13-2019 10:49 AM

PAN-OS 9 - Wildfire Updates skipping; claiming that a newer version already is installed

I have upgraded to PAN-OS 9 yesterday, so far without 'bigger' issues, except:

 

  • EDL updates keep failing, claiming that the downloaded file is not a ext file thus using the old version
    -> interim fix was to remove the checkmark "block unknown certificate status" on the certificate profile for the EDLs
  • NTP updates keep failing without further info, just a log entry notifying about the fact
  • and the worst bit: Wildfire updates always have to be installed manually now. I have not found a solution to this.

See attached pics re Wildfire.

 

Bildschirmfoto 2019-02-13 um 19.38.33.png

 

Bildschirmfoto 2019-02-13 um 19.38.12.png

 

1 person had this problem.
0 Likes
Reply
OtakarKlier
Cyber Elite
Cyber Elite
‎02-13-2019 12:05 PM
‎02-13-2019 12:05 PM

Hello,

I would make sure that no traffic is being blokced with regards to this traffic. If nothing is, I would open a support case. There are quite a few defects in this release that are known and maybe this is a new unknown.

 

Regards,

0 Likes
Reply
pan219
L2 Linker
‎02-13-2019 12:40 PM
‎02-13-2019 12:40 PM

the setup has been working flawless under 8.x.x

 

I have disabled ssl inspection on the interface used by the pan to grab edls and the pan updates, same result. the ntp I have switched to an internal one, same result. error category is auth, error message says ntp sync to server fail, authentication type none. it's a plain vanilla ntp server.

 

one wildfire update has succeeded in the last hour, since then I am receiving the error messages above.

 

what a rollercoaster ride.

0 Likes
Reply
OtakarKlier
Cyber Elite
Cyber Elite
‎02-13-2019 12:44 PM
‎02-13-2019 12:44 PM

Would rolling back to the previous code work for your environment? I would even contact suppor and ask their assistance. Honestly they might have released 9 but I would wait until at least 9.0.3 or .4 until moving to it unless there is a feature you truly need.

0 Likes
Reply
pan219
L2 Linker
‎02-13-2019 12:48 PM
‎02-13-2019 12:48 PM

I have kept a backup of the 8.0.16 configuration to roll back just in case. It's not a production device, just running on my home network, so not a big deal tbh.

0 Likes
Reply
OtakarKlier
Cyber Elite
Cyber Elite
‎02-13-2019 12:50 PM
‎02-13-2019 12:50 PM

Phew, good on you for testing prior to production :).  The config should remain the same, you just need to have 8.0.0 code downloaded as well as 8.0.16.

 

Good luck!

0 Likes
Reply
pan219
L2 Linker
‎02-13-2019 12:55 PM
‎02-13-2019 12:55 PM

for my home network it's the "production device", so make or break :) but I never would roll out any updates to a corporate device this fast.

Reply
nextgenhappiness
L4 Transporter
‎02-16-2019 07:08 PM
‎02-16-2019 07:08 PM

Are you still seeing the error?  I have not getting those errors for 2 days now..

 

E

0 Likes
Reply
pan219
L2 Linker
‎02-17-2019 12:06 AM
‎02-17-2019 12:06 AM

I have rolled back to 8.1.6 as I was not able to get this solved, but as long as I have been on 9.0 those error have been prevalent.

0 Likes
Reply
nextgenhappiness
L4 Transporter
‎02-17-2019 06:20 AM
‎02-17-2019 06:20 AM

Thanks for getting back to me.  I have not getting any wildfire update error anymore.  I am hoping PAN fixed on the updated file packaging...

0 Likes
Reply
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

Latest Blogs
Latest Posts
Privacy Policy Terms of Use
Copyright 2007 - 2021 - Palo Alto Networks