Unable to Download GlobalProtect from Firewall

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Unable to Download GlobalProtect from Firewall

L1 Bithead

Hi Community

 

I am trying to enable GlobalProtect on my FW, but I am unable to download GlobalProtect. When I go to Device > GlobalProtect Client and select a version to download, this fails. I get the following error message:

"Failed to download due to Empty file returned by update server. Please try again later.

Failed to download file"

I have checked my upstream FW and I can see the traffic goes out, however application is incomplete. I believe the request is being rejected by PA, so I am wondering if there is there any additional setting either in the Palo Alto portal or the FW to allow it to download the GlobalProtect Client? Do I need to request PA for access to the client? 

 

Looking forward for any information.

 

kind regards

 

Max

 

 

1 accepted solution

Accepted Solutions

L1 Bithead

The issue has been resolved. 

 

it was a missing route up-stream preventing return packets. 

 

Thanks for the assistance. 

 

Kind regards

 

Max

View solution in original post

3 REPLIES 3

Hi @MaxR2023 ,

Have you tried to click on "Check Now" at the bottom of the Device -> GlobalProtect page?

Usually firewall is downloading a list of available files from the server. It will cache the result and will not automatically update it until you told it so. Once you select version and click download firewall will use the reference in this list to request the file from the download server. In some very rear case the cached list could be outdated and the references in the list is not valid anymore, so when you click download, firewall will user reference that server doesn't understand.

 

Palo Alto always recommends to first click "Check Now" for any download - OS, dynamic update, globalprotect.

 

If you receive error when you refreshe the cache with "check now" it may indicate that your firewall have issues communicating with the update server.

L1 Bithead

Hi Astardzhiev.

 

Than you for the prompt reply. 

 

The FW  is unable to check for updates. It fails as well. I will review the settings in my upstream FW.

 

Kind regards

 

Max

L1 Bithead

The issue has been resolved. 

 

it was a missing route up-stream preventing return packets. 

 

Thanks for the assistance. 

 

Kind regards

 

Max

  • 1 accepted solution
  • 5837 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!