Slow download for Metasploit Updates

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Slow download for Metasploit Updates

L4 Transporter

I have question and I am not sure if I am posting this in the right place. I am also new to Palo Alto firewalls. I have a lot of experience with Cisco and SonicWall so you'll have to excuse me if I sound a little ignorant concerning Palo Alto at the moment.

This is my question/problem. I have a single subnet on my network that seems to be having problems downloading updates from metasploit. Browsing to the metasploit website and downloading the update will give an error stating "Installation failed: Signature failure". The research we've done and the feedback we've been given by Rapid7 is explaining this error is due to a firewall configuration. The other problem is when we attempt to download the file, I believe from and direct link, it's insanely slow. It's about 120 Mb file and it says the download will take about 14 days.

A couple of things to know. This is the only problem download this user and subnet is experiencing, that we are aware of. I am on a different subnet and my direct download is fine, it takes just a couple of minutes to download. The firewall has a rule to allow all from untrust to trust. We are using a PA500. At this point I am not sure what more I can do to verify and confirm that the firewall is not the problem. What steps can I take to continue to troubleshooting this to figure out the firewall is really the culprit or not? Any help would be greatly appreciated!!


L6 Presenter

Hi..Please check link speed & duplex for mismatch on the Ethernet interface of the PA device.  Also, check to see if there's a QoS policy that may be controlling this traffic.  If the user is on the trust zone and the download server is on the untrust zone, the policy should be to allow trust --> untrust for the download request.  Thanks.

rmonvon, thank you for the quick reply. I've checked the speed & duplex settings on the PA interface and compared it to the interface it's connected to and they match at 1 Gig Full. This is the only site/download we are having issues with so I don't believe that a mismatch speed/duplex setting is the problem. I also checked QoS policies. There are just a few for some websites but not the one we are browsing to and the policy is for any source IP > any destination IP. With this setting I should have the same problem too since I'm on a different subnet but I don't. It looks like we have URL licensing but I can't seem to get the URL filtering to pull any data. Is it possible this could be an issue? Would there be anything else that could be causing the problem?

Thanks again for the help.

I was able to figure out that URL filtering is not the cause of the problem either. Still looking for the cause though.

Can you try logging into that PC as yourself and test the download, and try the download from a different browser.  Maybe there's something wrong with the user's desktop/browser like caching on that browser setting.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!