Created On 09/26/18 13:51 PM - Last Updated 02/07/19 23:45 PM
Zone and DoS Protection
The PAN-DB URL database download fails with "URL database download: not available."
If the system log shows that a certificate error has occurred, the issue may be with the system date on the device. The system log error appears as follows:
"PAN-DB seed loading failed (Error: Peer certificate cannot be authenticated with known CA certificates)"
Check and correct the date on the system. If the device date or time is off significantly, then the certificate check fails when attempting to connect to the PAN-DB servers.
The error can also occur when the PAN-DB database in the cloud is unreachable. Try accessing https://s0000.urlcloud.paloaltonetworks.com from any device through the same connection. As shown below, a "400 Bad Request" error message indicates that the PAN-DB servers are reachable:
This error message could also occur if the PAN-DB Cloud application is being denied by a security policy.
To check go to Monitor > Logs >Traffic. Select the filter using “( app eq pan-db-cloud ) “, this should show if PAN-DB Cloud is being denied by a specific security rule:
Modify or create a security rule allowing the application PAN-DB Cloud. Now the URL DB can be downloaded.