About pieters

I'm having the same issue with a different url. The site used to be categorized as web-advertisements but has since a couple of weeks been updated by brightcloud to 'business and economy'. I'm running the latest url db (4238 as of writing) and I have the issue on at least 3 different boxes running 5.0.7, 5.0.8 and 5.0.9 respectively. I've tried 'clear url-cache all', 'delete dynamic-url' and also tried reverting to the previous url db version and re-upgrading to the latest. Basically, I've tried everything short of a reboot. I can add the url to a whitelist as a workaround but would surely prefer a proper solution to the issue. ... View more

I'm hoping to do the same thing as above. The post you refer to is about DNS proxy. How will that help me to add DHCP options beyond the fields that Palo Alto provides? rgs, Luc ... View more

just wanted to provide an update of how I got into trouble and what I did to solve it. My mistake was to bring the content database up-to-date before upgrading the OS. I thought that would be a good idea but it turned out it wasn't. The result was that my database was more recent than what the OS I was upgrading to could handle (or expected). So I got an error  "content version of 157 or greater and found 58-413". To solve the issue I needed to downgrade the database. I was able to get the version I needed from here: https://support.paloaltonetworks.com/index.php?option=com_pan&task=download_updates&ut=si&vn=240-936&ct=contents&prod=3.1&plat From there on the process is like others in this thread discribe. Download (but don't install) the base image for the major version you want to upgrade to (eg. for 4.0.x the first release was 4.0.1) and then download and install the latest version of that particular major release (4.0.5 at the time of writing). After that, you can upgrade your content database(s) and you should end up with a fully updated functional system. ... View more

Hi Benjamin, I have a similar issue. I'm trying to upgrade from 3.0 to 3.1 and get the error message "content version of 157 or greater and found 58-413". I currently have 263-1105 installed which should be recent enough. I have to remark that in addition to the error above, when I try to re-install the content (or upgrade to the latest which is 264-1111 as of writing) I get the error  "device: Threat database handler failed" followed by "commit failed". rgs, Luc ... View more

Hi Sandeep, I have one example where the fw detected a Microsoft Internet Explorer Vulnerabilty where the traffic after further investigation turned out to be between 2 linux hosts.  Although the fw can only look at the packets and has no way of knowing what the source or destination machines are, this is definately a false possitive. We see similar things all the time and it is coming to the point where we stop taking the alerts serious because up till now we haven't had one alert that after investigation turned out to be a real problem. What would be the correct approach to get rid of false possitives so that we can come to a point where an alert only happens when there is an actual problem? rgs, Luc ... View more