About albert.buendia

Hi, I'm a customer with two PaloAlto PA-2020 with active/passive config running without issues. I've just upgraded from 5.0.11 to 6.0.0 and then to PAN OS 6.0.1 (latest) Starting with PAN OS 6.0.0 I can't check for apps and antivirus upgrades from the "Dynamic Updates" link. It gives the error "Error in retrieving data". This situation didn't happened in previous versions of PAN OS. From an SSH console, I can run: >request antivirus upgrade check >request antivirus upgrade download latest >request antivirus upgarde install version latest All commands succesfully. I can see succesfully installation in the General Information widget (dashboard). So, is there an issue from the web PAN OS interface for the Dynamic Updates section ?? Thanks in advanced. Albert ... View more

Hi to all, We've two PaloAlto firewalls PA-2020 with 3.1.6 software image version and HA licensed.Both have active gold maintenance support. Last week we tried to update to the last version 4.0.4 and the upgrade process failed. Step 1 We started with the first firewall downloading the image base 4.0.1 version and all was ok. We didn't install because, in theory,it's not necessary. Step 2 We downloaded the 4.0.4 image version and all was ok. Step 3 We installed the 4.0.4 image version from the https web interface. The PaloAlto informed that all the process was ok andasked for a reboot. Then problems started. The starting process take - more or less - 10 minutes, and when we logged to the https web interface the Paloaltofirewall was with a red ballon and saying in eternum "System not yet ready" (see paloalto-erro-p0.jpg image attached).Also we could see at the system logs widget "Autocommit job failed" for a lot of entries. Step 4 The firewall didn't never started fine, so we thought it was a good idea to try another hot reboot by going to the Device tab -> Setup andthen click onto "Reboot device" at the web interface. Step 5No luck. It was even worse, we couldn't log to the https web interface. It wasn't available. Only the power led light was on(see paloalto-error-p3.jpg image attached). So, we connected a laptop to the console port. We advertised that the firewall was stopped at the line "Generating SSH2 DSA host key" We discovered later that if you wait sometime and press enter the loading process continues and you will see some FAILED errors(see paloalto-error-p2.jpg and paloalto-error-p1.jpg images attached) Step 6 We asked for localized PaloAlto support (case number 5793 at Exlusive Networks in Spain) and they recommended to restore the factory image base by the CLI and manintenance interface. Step 7 We restore the image factory and then the xml backup configuration. Now all is ok at the 3.1.6 image version but some questions arise: I've read some similar issues at this forum with the 4.0.4 version so, Is it better to upgrade to the 4.0.1 -> 4.0.3 and wait for another release? Thanks in advance. PD: I have also the thechsupport file if needed. ... View more