The message you are trying to access is permanently deleted.
02-16-2025 05:28 PM
The active firewall is connected while the passive is not connected. In that case sometimes we getting,
PAN-DB cloud list loading failed (ERROR:SSL connect error
I believe we can ignore this error message if it's getting the error once in awhile since it could be failed due to SSL connectivity error to Palo Alto update server.
The concern is it because of passive firewall is not connected ?
02-16-2025 06:12 PM
Hi @S.Ramesh960545 ,
IF passive device management interface doesn't have internet access then you will see this message, however if you have internet connection via management interface then you have to check in path if there is anything blocking the traffic.
02-16-2025 06:27 PM
Hi, are you talking about the error log message or for the
> show url cloud status, output
02-16-2025 07:14 PM
Hi @S.Ramesh960545 ,
Both error logs and show url-cloud status output, what status do you see with running the command show url cloud status and do you see any error in system logs.
02-16-2025 08:23 PM
The system log error PAN-DB cloud list loading failed (ERROR:SSL connect error
can only be seen in active firewall.
> show url cloud status (active)
PAN-DB URL Filtering License : valid libcurl resolver : threaded Current cloud server : serverlist.urlcloud.paloaltonetworks.com Cloud connection : connected Cloud mode : public URL database version - device : 20250203.20043 URL database version - cloud : 20250203.20043 ( last update time 2025/02/03 10:30:54 ) URL database status : good URL protocol version - device : pan/2.0.0 URL protocol version - cloud : pan/2.0.0 Protocol compatibility status : compatible
> show url cloud status (passive)
02-16-2025 09:52 PM
Hi @S.Ramesh960545 ,
Thanks for sharing the output as currently passive device is not connected to cloud due to that you are getting the error.
Looks like passive device doesn't have internet access via management interface due to that you are seeing the error..
You may check with failover traffic to passive device as if you are using data interface in service route to connect internet then it's expected..
02-17-2025 03:53 PM
Hello @S.Ramesh960545
could you have a look into below KBs:
HA passive device keeps making failed PAN-DB cloud connection
Why Does the PAN-DB Version Not Update on the Passive Firewall?
Kind Regards
Pavel
04-14-2025 09:49 AM
Hi @PavelK ,
Do those two articles not contradict each other? The first states that after PAN-OS 9.0 the expected behaviour of the passive unit is to receive a URL DB cache sync from the active unit, and not connect to the PAN-OS cloud itself, while the second states the error is a result of a devsrvr process being stuck in a loop on the passive unit.
Any clarity is greatly appreciated!
04-27-2025 06:42 PM
Hello @nohash4u
thank you for message.
I agree that each of the KB is describing different issue and they do not seem to have any relation to each other. I think, the section of "Additional Information" from KB: "HA passive device keeps making failed PAN-DB cloud connection" should be removed to avoid confusion.
Kind Regards
Pavel
04-29-2025 12:52 PM
Thanks for clarifying!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
