Palo Alto Networks Knowledgebase: PAN-DB Error: URL Database Download Failed

PAN-DB Error: URL Database Download Failed

Created On 09/26/18 13:51 PM - Last Updated 02/07/19 23:45 PM
Device Management Initial Configuration Installation QoS Zone and DoS Protection


The PAN-DB URL database download fails with "URL database download: not available."



If the system log shows that a certificate error has occurred, the issue may be with the system date on the device. The system log error appears as follows:

"PAN-DB seed loading failed (Error: Peer certificate cannot be authenticated with known CA certificates)"



Check and correct the date on the system. If the device date or time is off significantly, then the certificate check fails when attempting to connect to the PAN-DB servers.


The error can also occur when the PAN-DB database in the cloud is unreachable. Try accessing from any device through the same connection. As shown below, a "400 Bad Request" error message indicates that the PAN-DB servers are reachable:


This error message could also occur if the PAN-DB Cloud application is being denied by a security policy.

To check go to Monitor > Logs >Traffic. Select the filter using “( app eq pan-db-cloud ) “, this should show if PAN-DB Cloud is being denied by a specific security rule:

Screen shot 1.png


Modify or create a security rule allowing the application PAN-DB Cloud. Now the URL DB can be downloaded.

Screen shot 2.png


owner: mbutt

  • Print
  • Copy Link

Choose Language