Having troubles upgrading do to the break and inspect on the Palo Alto. Do you have a list of IP addresses / domains that should be added as exceptions to allow the upgrade to happens?
From what I’ve seen so far multiple IPs are in use and seem to be shared hosts such as Linode or something similar. This concerns me a bit as a source for updates as there are also Chinese / Russian sites resolving to these domains.
For example I was able to pull this update after adding this AWS IP address: 126.96.36.199. I just kept clicking update until it got around to trying this specific IP address again.