06-27-2012 12:10 PM
I'm trying to migrate my devices to Panorama, and am having a few issues.
1) I cannot switch to Brightcloud URL filtering, I get the following message:
Server error : Successfully set URL database to 'brightcloud'.Failed to read 'br
ightcloud' categories. Please restart the device for changes to take effect.
Rebooting the server from the GUI doesn't have any effect.
2) I cannot generate a certificate for Panorama, it says:
"Failed to generate certificate" (I assume this is why my devices are not communicating with the Panorama, the web server cert is in there, but I can't create one to use for the devices)
3) When I click on the software list, and hit 'refresh', it says:
Failed to check upgrade info due to generic communication error. Please try again later.
From the CLI I can ping the public internet via DNS name.
07-18-2012 05:40 PM
1. Panorama will not push the bright cloud database to the firewalls. This has to be done on per firewall basis. You can verify the database used by a firewall thorugh:
show system setting url-database
If the database is not Bright Cloud, you can switch to Bright Cloud through:
set system setting url-database brightcloud
2. Can you provide the screenshot of the cert you are trying to generate? Also, when trying to generate a cert in a putty session, can you run the command: tail follow yes mp-log ms.log and attach the output here?
3. Can you ping updates.paloaltonetworks.com from CLI? You get the error when there is connectivity issue.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
