For details on cookie usage on our site, read our Privacy Policy
PAN URL DB not getting update.
- LIVEcommunity
- Discussions
- General Topics
- PAN URL DB not getting update.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
08-22-2021 04:21 AM
Hi Team,
I have 3 firewalls in my different loctions, All 2 firewall URL Update version is up to date. Only one firewall is a lower version.
Also, I identified lower version firewall having a different update server when I checked the show url-cloud-info command.
lower version update cloud server is: pdx1prod.urlcloud.paloaltonetworks.com
The higher version update cloud server is: serverlist.urlcloud.paloaltonetworks.com.
Kindly help me out to resolve this issue.
Accepted Solutions
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
08-27-2021 09:19 PM
Hi Team,
Issue resolved and please find the TAC solution below,
1. The URL-filter elect the cloud server:pdx1prod.urlcloud.paloaltonetworks.com
2. And the response is very slow during
show url-cloud status
test url www.google.com /www.yahoo.com
3. Change the mgmt to 1400 make some improvement during certificate exchange on small ISP path MTU.
Then the cloud server change to serverlist.urlcloud.paloaltonetworks.com
test url and response better now
ISSUS fixed.
Thank you all
Regards,
Vishnu Ps.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
08-22-2021 08:28 PM
Interesting. PAN-DB should update every 5 minutes. Did the issue, 16 hours later, correct itself?
What does Monitor > Logs > System ( subtype eq url-filtering ) show?
Did you mean the "show url-cloud status" command?
Since you see a cloud server, it sounds like the status of the cloud connection is "connected", could you confirm?
If you are connected and still do not have the latest version, you can manually request a download -> https://docs-new.paloaltonetworks.com/pan-os/8-1/pan-os-admin/url-filtering/troubleshoot-url-filteri... and see what happens.
If you are not connected, go here -> https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/url-filtering/troubleshoot-url-filtering/p....
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
08-22-2021 08:38 PM - edited 08-22-2021 08:38 PM
Under Device services what is update server you have configured?
I have this updates.paloaltonetworks.com.
PA>show url-cloud status
PAN-DB URL Filtering
License : valid
Current cloud server : serverlist.urlcloud.paloaltonetworks.com
Cloud connection : connected
Cloud mode : public
URL database version - device : 20210823.20055
URL database version - cloud : 20210823.20055 ( last update time 2021/08/22 21:30:20 )
URL database status : good
URL protocol version - device : pan/2.0.0
URL protocol version - cloud : pan/2.0.0
Protocol compatibility status : compatible
Regards
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
08-22-2021 10:14 PM
Hi Tom Yong,
Yes , it's showing connected only.
Please find the ss for your reference.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
08-22-2021 10:16 PM
Hi MP18,
I have configured this updates.paloaltonetworks.com.
I getting below error in the system logs,
( description contains 'CURL ERROR: bind failed with errno 124: Address family not supported by protocol' )
from pohlye to everyone: 4:23 PM
and ( description contains 'CLOUD ELECTION: pdx1prod.urlcloud.paloaltonetworks.com IP: 66.232.32.12 was elected, measured alive test 1466481.' )
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
08-23-2021 04:14 AM
Hi ,
I getting this error logs from the device server.
URLPERF: MP pandb-cache-smart-clear-max-lru = 2500000 mp devsrv.log 2021-08-22 08:34:33 2021-08-22 08:34:33.181 +0530 Cloud Connection Agent is starting... mp devsrv.log 2021-08-22 08:34:33 2021-08-22 08:34:33.182 +0530 PAN-DB engine is starting... mp devsrv.log 2021-08-22 08:34:33 2021-08-22 08:34:33.183 +0530 Warning: pan_log_proxy(pan_priv_log.c:269): Elog being proxied mp devsrv.log 2021-08-22 08:34:33 2021-08-22 08:34:33.186 +0530 PAN-DB engine started. mp devsrv.log 2021-08-22 08:34:33 2021-08-22 08:34:33.187 +0530 Warning: pan_log_proxy(pan_priv_log.c:269): Elog being proxied mp devsrv.log 2021-08-22 08:34:33 2021-08-22 08:34:33.191 +0530 Warning: pan_hash_init(pan_hash.c:113): nbuckets 10240 is not power of 2! mp devsrv.log 2021-08-22 08:34:33 2021-08-22 08:34:33.191 +0530 Warning: pan_hash_init(pan_hash.c:113): nbuckets 10240 is not power of 2! mp devsrv.log 2021-08-22 08:34:33 2021-08-22 08:34:33.515 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:34:33 2021-08-22 08:34:33.515 +0530 cfgagent register failed in try 1/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:34:38 2021-08-22 08:34:38.525 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:34:38 2021-08-22 08:34:38.525 +0530 cfgagent register failed in try 2/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:34:43 2021-08-22 08:34:43.535 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:34:43 2021-08-22 08:34:43.535 +0530 cfgagent register failed in try 3/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:34:48 2021-08-22 08:34:48.545 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:34:48 2021-08-22 08:34:48.545 +0530 cfgagent register failed in try 4/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:34:53 2021-08-22 08:34:53.555 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:34:53 2021-08-22 08:34:53.555 +0530 cfgagent register failed in try 5/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:34:58 2021-08-22 08:34:58.575 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:34:58 2021-08-22 08:34:58.575 +0530 cfgagent register failed in try 6/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:35:03 2021-08-22 08:35:03.595 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:35:03 2021-08-22 08:35:03.595 +0530 cfgagent register failed in try 7/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:35:05 2021-08-22 08:35:05.113 +0530 URL filtering vendor(PAN-DB) not changed. mp devsrv.log 2021-08-22 08:35:08 2021-08-22 08:35:08.605 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:35:08 2021-08-22 08:35:08.605 +0530 cfgagent register failed in try 8/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:35:13 2021-08-22 08:35:13.305 +0530 path : https://s0000.urlcloud.paloaltonetworks.com/urlcloud_list, path mp devsrv.log 2021-08-22 08:35:13 2021-08-22 08:35:13.615 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:35:13 2021-08-22 08:35:13.615 +0530 cfgagent register failed in try 9/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:35:14 2021-08-22 08:35:14.362 +0530 Error: pan_cloud_agent_secure_conn_pandb_enabled(pan_cloud_agent_connect.c:1140): failed to fetch sysd obj sw.mgmt.runtime.curl-param mp devsrv.log 2021-08-22 08:35:14 2021-08-22 08:35:14.384 +0530 Error: pan_cloud_agent_secure_conn_pandb_enabled(pan_cloud_agent_connect.c:1140): failed to fetch sysd obj sw.mgmt.runtime.curl-param mp devsrv.log 2021-08-22 08:35:18 2021-08-22 08:35:18.625 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:35:18 2021-08-22 08:35:18.625 +0530 cfgagent register failed in try 10/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:35:23 2021-08-22 08:35:23.635 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:35:23 2021-08-22 08:35:23.635 +0530 cfgagent register failed in try 11/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:35:28 2021-08-22 08:35:28.645 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:35:28 2021-08-22 08:35:28.645 +0530 cfgagent register failed in try 12/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:35:33 2021-08-22 08:35:33.655 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:35:33 2021-08-22 08:35:33.655 +0530 cfgagent register failed in try 13/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:35:38 2021-08-22 08:35:38.665 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:35:38 2021-08-22 08:35:38.665 +0530 cfgagent register failed in try 14/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:35:43 2021-08-22 08:35:43.675 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:35:43 2021-08-22 08:35:43.675 +0530 cfgagent register failed in try 15/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:35:48 2021-08-22 08:35:48.685 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:35:48 2021-08-22 08:35:48.685 +0530 cfgagent register failed in try 16/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:35:53 2021-08-22 08:35:53.695 +0530 Error: pan_cfgagent_write_sysd_boolean_sync(pan_cfgagent.c:168): sync modify <sw.mgmt.runtime.clients.device.register> failed: NO_MATCHES mp devsrv.log 2021-08-22 08:35:53 2021-08-22 08:35:53.695 +0530 cfgagent register failed in try 17/25. sleeping for 5 seconds... mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.365 +0530 ======================================= mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.365 +0530 Cloud IP mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.365 +0530 Source IP 172.16.168.226 mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.365 +0530 name lookup time 0.000000 second mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.365 +0530 connect time 0.000000 second mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.365 +0530 ssl connect time 0.000000 second mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.365 +0530 total time 39.969514 second mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.365 +0530 server certificate chain: 0 certinfo(s) mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.365 +0530 curl error: Could not resolve host: s0000.urlcloud.paloaltonetworks.com mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.365 +0530 ======================================= mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.365 +0530 Perform download from cloud with result Couldn't resolve host name. mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.366 +0530 Error: pan_cloud_agent_download_cloud_list(pan_cloud_agent_connect.c:1747): PAN-DB cloud list loading failed (ERROR:Couldn't resolve host name). mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.366 +0530 Warning: pan_cloud_agent_get_curl_connection(pan_cloud_agent_connect.c:2685): cannot elect a cloud mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.368 +0530 Warning: pan_log_proxy(pan_priv_log.c:269): Elog being proxied
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
08-23-2021 05:09 AM
This line (6th from bottom) looks like your issue.
mp devsrv.log 2021-08-22 08:35:55 2021-08-22 08:35:55.365 +0530 curl error: Could not resolve host: s0000.urlcloud.paloaltonetworks.com
Can you run the command "ping host s0000.urlcloud.paloaltonetworks.com"? This will test DNS. The source address used will be your management interface. Could you also run the command "debug dataplane internal vif route 250" to verify that you do not have any service routes installed? The output should be blank. If not, please post.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
08-23-2021 05:11 AM
9.1.8 Panos
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
08-23-2021 05:12 AM
sure, I will test and let you know the updates.
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
