Error:
An unexpected error occurred. Please click Reload to try again.
Error:
An unexpected error occurred. Please click Reload to try again.
EDL 取取任务无法在主动/被动对中排队 - Knowledge Base - Palo Alto Networks

EDL 取取任务无法在主动/被动对中排队

10035
Created On 06/12/19 21:52 PM - Last Modified 03/31/22 19:12 PM


Symptom


  • 问题发生在 FQDN 刷新后,我们在ms-logs文件中获取错误"更新错误代码-1"。
 
2019/03/26 10:10:29 medium general general 0 EDL(PPTR_EDL_Suspicious_Emails) Unable to fetch external dynamic list. Timeout was reached. Using old copy for refresh.
2019/03/26 10:10:29 medium general general 0 EDL(PPTR_EDL_LEGACY) Unable to fetch external dynamic list. Timeout was reached. Using old copy for refresh.
2019/03/26 10:10:29 medium general general 0 EDL(PPTR_EDL_LS_ISAO) Unable to fetch external dynamic list. Timeout was reached. Using old copy for refresh.
2019/03/26 10:10:29 medium general general 0 EDL(PPTR_EDL_TAP) Unable to fetch external dynamic list. Timeout was reached. Using old copy for refresh.

2019/03/26 10:04:20 medium general general 0 FW has lost connection to panorama, no log will be forwarded
2019/03/26 10:04:04 info general general 0 FqdnRefresh job enqueued. Enqueue time=2019/03/26 10:04:04. JobId=303579. . Type: Full

2019/03/29 17:03:53 info general general 0 EDL(PPTR_EDL_TAP) No changes to list file
2019/03/29 17:03:53 medium general general 0 EDL(PPTR_EDL_TAP) Unable to fetch external dynamic list. Timeout was reached. Using old copy for refresh.
2019/03/29 17:03:53 info general general 0 EDL(PPTR_EDL_Suspicious_Emails) No changes to list file
2019/03/29 17:03:53 medium general general 0 EDL(PPTR_EDL_Suspicious_Emails) Unable to fetch external dynamic list. Timeout was reached. Using old copy for refresh.


 


Environment


  • 2 帕洛阿尔托网络防火墙
  • 主动/被动
  • EDL 配置
  • 被动 firewall 配置如下:
    • 直接上网
    • 同步到对等


Cause


动态更新并不总是显示要同步,这可能会导致我们的多重作业队列问题,我们不能取消。 执行 firewall 这两项任务:被动成员的"下载和安装"和"对等同步",以队列到许多任务。 

 


Resolution


  • 如果两个主动/被动防火墙都配置为直接互联网访问并同步到对等,则 管理服务器重新启动或重新启动可解决问题。
  • 为了防止此问题再次发生,以及如果我们有两个防火墙的直接互联网接入,请建议取消选中"同步到点"。


Additional Information


QUICK REFERENCE GUIDE: HELPFUL COMMANDS
配置 Firewall 访问外部动态列表
参考: HA 同步
 


Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PM93CAG&lang=zh_CN&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language