Dynamic update check fails with message "generic communication error", though updates are successfully downloaded
17986
Created On 01/07/21 12:36 PM - Last Modified 06/08/23 08:43 AM
Symptom
- After clicking on "Check Now" button under Dynamic Updates section on the web UI of the firewall, it may fail with the message "Failed to check content upgrade info due to generic communication error. Please check network connectivity and try again."
- Device might have downloaded the content/AV/wildfire update, in spit of the error.
- Device might have downloaded the content/AV/wildfire update, in spit of the error.
- "Check Now" button under Software or GlobalProtect Client sections works well.
- Debug level management-server logs (accessed by "> less mp-log ms.log" in CLI) won't show any new message when content updates are triggered manually/scheduled.
Cause
- The IP/FQDN of the WildFire Private Cloud is not reachable.
- In the "ms.log" file scroll till you find the last time the "generic communication error" is seen in the logs, and you will see an error referencing "WF-Private" as below.
less mp_log ms.log 2020-10-01 10:30:19.731 +0200 updater error code:-1 2020-10-01 10:30:19.731 +0200 updater error code:-1 2020-10-01 10:30:19.731 +0200 Error: check_content_upgrade_info(pan_ops_content.c:3083): Failed to check WF-Private content upgrade info due to generic communication error 2020-10-01 10:30:19.731 +0200 updater error code:-1
Resolution
In order to resolve the issue the following actions can be taken:
- Check connectivity to the WildFire Private Cloud
- Make sure you have the correct IP/URL, and the URL is resolvable by the device
- Check the service route setting for the WildFire Private Cloud and make sure its going out of the correct interface