>
    Strata Copilot
    PAN-OS 11.1.13-h3 Addressed Issues
    Focus
    Download PDF
    Focus
    1. Home
    2. PAN-OS
    3. PAN-OS 11.1.13 Known and Addressed Issues
    4. PAN-OS 11.1.13-h3 Addressed Issues
    Download PDF

    PAN-OS 11.1.13-h3 Addressed Issues

    Table of Contents

    PAN-OS 11.1.13-h3 Addressed Issues

    PAN-OS® 11.1.13-h3 addressed issues.
    Issue ID
    Description
    PAN-316911
    (VM-Series firewalls on Amazon Web Services (AWS) environments only) Fixed an issue where a newly bootstrapped firewall required a management server restart, relicensing, or license push from Panorama to invoke the device certificate.
    PAN-315176
    Added an enable and disable CLI command to address an issue where the firewall experienced increased packet drops and slower performance after an upgrade due to high burst traffic.
    PAN-314061
    Fixed an issue where traffic was disrupted during IPSec rekey operations due to a 2 second delay in sending the DELETE message for the previous Security Association (SA) to the peer gateway after a new SA was negotiated.
    PAN-313850
    (PA-1400 Series firewalls in HA configurations only) Fixed an issue where a split-brain condition occurred and HA1/HA2 links went down while upgrading when the HA configuration used dataplane interfaces for HA1 and a combination of HSCI and Ethernet interfaces for HA2.
    PAN-313623
    Fixed an issue where the /opt/pancfg/mgmt/ssl/private/ directory on Palo Alto Networks devices with TPM support became 100% utilized due to an accumulation of undeleted .pub_pem files. This occurred because executing the show device-certificate status CLI command initiated a process that generated these files but failed to remove them, which prevented the fetching of new device certificates.
    PAN-311285
    (Firewalls in HA conditions only) Fixed an issue where a memory leak occurred related to the ospfd process, which caused RAM usage to continuously increase on active devices in an HA cluster until the device stopped responding, even after an HA failover.
    PAN-308507
    (Panorama managed firewalls only) Fixed an issue where the firewall intermittently failed to maintain active log forwarding streams to Cortex Data Lake even when duplicate logging and enhanced application logging were enabled.
    PAN-309300
    Fixed an issue where management plane system resources configuration size exceeded 28 MB for over 4 hours, and the following error message was displayed: Configuration size reaching device capacity limit.
    PAN-302654
    (Firewalls in active/passive HA configurations only) Fixed an issue where, when the HA configuration had multiple logical routers, static or connected routes redistributed into OSPF aged out in the LSDB, which caused the routes to be removed on peer OSPF neighbors.
    PAN-300423
    Fixed an issue where Data Processing Cards (DPCs) installed in slots 5 and 6 remained stuck in a starting state with the error Signal detected for port xeS5-DP0 but Link Down alerts, which resulted in device instability.
    PAN-298617
    Optimized the commit workflow to reduce the size of the effective configuration, resulting in lower memory consumption.
    PAN-296202
    (Firewalls in active/active HA configurations only) Added a log enhancement to capture an issue where, when a commit operation was in progress, newly deployed IP address tags that used the XML API were not immediately reflected in address group resolution, which delayed IP address mapping to address groups and caused traffic to be incorrectly allowed or denied.
    PAN-273158
    (PA-7000 Series firewalls only) Fixed an issue where an incorrect ASIC configuration caused silent packet drops or application slowness when receiving a mix of jumbo and non-jumbo packets.

    © 2026 Palo Alto Networks, Inc. All rights reserved.