About EliSz

Hello,  In my case: Problem  Offline deployment (Panorama with no access to the Internet) Error MSG- Warnings: Details:Failed to update content with following message: encfilesize is 53118240 No matching apps package found in panupv2-all-contents-8263-6055.tgz exiting with 255 -Panorama PANOS version 9.0.2-h4. esxi  What we try: License was there but we re imported from the Sup portal. - did not help Restart of the management plane - did not help Removing all the other packages and restart of the management plane - did not help Upgrade from 9.0.2-h4 to 9.0.6 - did not help   Solution  On the final round what we did was  We re-download the app+threats package from the support portal, clear all the other packages except the one that was in use restart of the management plane re-import the package to the device and install. Th at seem to work in our case. We had a case open with Palo but due to the limited access to the unit, no serious troubleshooting session was done and we also couldn't find anything in the Tech support file. ----- Last message from Palo engineer that was sent and we didn't try was: Would you please try to delete the old content cache too and restart device-server and management-server processes after that: delete content cache old-content ----- Strange.   Thanks, Eli   ... View more

Hello, We had similar case for 3 devices, problem with rcv_fifo_overrun counters increasing on external interface directly connected to the ISP router.  Devices were on 8.1.5 and 8.0.12 PANOS, model PA820. First we thought problem might be due to high packet burst where device can't handle it properly and simply drops the packets, also we suspected PAN-104116 leak or another thought was that the device could be simply to busy and drops the packets that can't handle. Leak was fixed in 8.1.5 and we try the upgrade path, which didn’t help in the end. Then when we noticed that 2 more devices (same model PA820) had the same problem, we have logged the case with PA TAC. Upon troubleshooting engineer provided some more insight based on the past experience: Data receive buffer overrun - is only indication of ingress traffic bursts on the marvell switch port(Firewall DP Ports) .rcv_fifo_overrun errors are suggesting that Marvell(PA's switch backplane) was experiencing buffer shortage/switch port on Marvell fabric is receiving more frames than can be managed and this can be related to bursty traffic pattern.   Errors can only be found on Marvell external ports (phy ports, RJ45) and not between internal chipsets(From Marvell ---> Dataplane processor). Buffer size cannot be changed/adjusted. > debug dataplane internal pdt marvell stats     What we are interested in is the UL1 and UL2 (Uplinks to Octeon Processor) and they appear to be good, in all of them indicating marvell is not sending pause frames or any recv errors caused by hardware.    Also the traffic rate in my case and for that particular device was above 20K pps Rcv_fifo_overrun is expected/normal during bursty traffic pattern and it's not an issue on the firewall.   Problem is only when the traffic rate is low and if this counter increases, even with reasonable amount of traffic, then it needs investigation.   Also this doesn't have relevance to packet-descriptor depletion or leak as I have thought originally with reference to PAN-104116. Because PD is a DP component and "rcv_fifo_overrun"  is drop stage in marvell even before it makes it to DP.   In my case from TAC perspective there is not much we can do.   Kind Regards, Eli   ... View more

Hi  vmilan, Can I ask what is the model of the device you have problem with?     ... View more

Hello, My colleague actually encounter similar problem, she was upgrading from 7.0.1 to 7.1.19 issue was with getting 7.1 base version onto pa200 using GUI, operation end-up with " upload file size exceeded system limit " Workaround:  Use the CLI (tftp/scp) to upload the 7.1.0 image to the firewall and then proceed with the upgrade as usual.   It was tested on couple pa200s and solved the problem, apparently this is known bug in 7.0.x.   Hope that helps someone.   Thanks. ... View more