App and Threat Compatability Mismatch in HA Pair
48471
Created On 09/26/18 13:44 PM - Last Modified 06/14/23 06:30 AM
Resolution Issue
Passive device in an HA pair doesn't update and there is a mismatch status for the app and threat compatibility.
Resolution
From the passive device:
Ping updates.paloaltonetworks.com:
> ping host updates.paloaltonetworks.com
Get the MAC address of the static device:
> debug dataplane internal vif link
Sample Output:
eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:1b:17:01:47:00 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 12121844 100266 0 0 0 70484 TX: bytes packets errors dropped carrier collsns 5197283 13280 0 0 0 0
Log into the current active device and go to Network > Interface, then click on the Internal/Trusted interface. You'll need to statically add the MAC address and IP address of the passive device management interface.
owner: jnguyen