Prisma Access
Prisma Access Addressed Issues
Table of Contents
Expand All
|
Collapse All
Prisma Access Docs
-
- Prisma Access China
- 4.0 & Later
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
-
-
-
- 5.1 Preferred and Innovation
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Prisma Access Addressed Issues
Where Can I Use This? | What Do I Need? |
---|---|
|
|
The following topics describe issues that have been addressed in Prisma Access 5.0.
Prisma Access 5.0.1 Addressed Issues
Issue ID | Description |
---|---|
AIOPS-8130 | Fixed an issue where the Top 5 Prisma Access Location
widget showed exorbitant and incorrect numbers for the Bandwidth in
the Remote Networks and Service Connections section. |
CYR-38318 | Fixed an issue where the Withdraw Static
Routes if Service Connection or Remote Networks IPSec tunnel is
down choice was enabled by default and not
configurable. |
CYR-38250 | Fixed an issue where the Mobile Users—Explicit Proxy
Users (last 90 days) incorrectly displayed the same users as Mobile
Users—GlobalProtect. |
CYR-38191 | Fixed an issue where the Total ZTNA Access Objects"
widget incorrectly displayed the number of wildcards in addition to
correctly displaying normal FQDN applications, subnet-based
applications, and FQDN applications that were discovered as a result
of creating a wildcard rule. |
CYR-38034 | Fixed an issue where, if a ZTNA connector was
rebooted and if the corresponding connector group contained
applications with a Probing Type of
icmp ping or none ,
there could have been an impact on the traffic traversing the
rebooted ZTNA Connectors. |
CYR-37171 | Fixed an issue where an evaluation license for the
traffic replication feature could not be added on a production
tenant. |
CYR-36703 | Fixed an issue where users and user groups that were
configured in Traffic Steering rules were not tracked by the Cloud
Identity Engine's Directory Sync service. |
CYR-33707 | Fixed an issue where, if you changed Colo-Connect
service connection roles (for example, from Active/Active to
Active/Backup) and changed the bandwidth on VLANs at the same time,
an error displayed after a Commit and Push
operation. |
CYR-32713 | Fixed an issue where ZTNA Connector could fail to
retrieve the correct DNS configuration, which causes ZTNA connector
traffic to fail, when the following conditions apply:
|
Prisma Access 5.0.0-h33 Addressed Issues
Issue ID | Description |
---|---|
CYR-41857 | Fixed an issue where if the user did not configure
QoS profiles under Networks QoS Profile |
CYR-41569 | Fixed an issue where, when only one region was
onboarded in a Mobile Users—GlobalProtect deployment, removing a
location in that region resulted in a plugin validation
error. |
CYR-41472 | Fixed an issue in a multitenant environment where, if
users did not provide units for Remote Networks or Mobile User in
the sub-tenant creation tab, the error message displayed
Please specify a bandwidth for your Clean Pipe
deployment instead of Please
specify a bandwidth for your Remote Networks/Mobile
Users . |
CYR-39874 | Fixed an issue where an Explicit Proxy template was
created without Explicit Proxy being onboarded, which caused an
issue when Explicit Proxy was onboarded later. |
Prisma Access 5.0.0-h31 Addressed Issues
Issue ID | Description |
---|---|
CYR-41084 | Fixed an issue where, after disabling the Cloud
Identity Engine integration with Prisma Access, existing
Group Mapping Settings caused an error
upon commit. |
CYR-39553 | Fixed an issue where the Autonomous DEM AIOps
Allocated Total number was incorrect for multitenant setups. |
CYR-38605 | Fixed an issue where the rebranded Cortex Data Lake
name of Strata Logging Service was not displaying correctly. |
CYR-29408 | Fixed an issue where the Cloud Services plugin did
not manage SDWAN devices that were deployed in Fedramp
environments. |
Prisma Access 5.0.0-h22 Addressed Issues
Issue ID | Description |
---|---|
CYR-39599 | Fixed an issue where some columns in the Egress IP
Allowlist table displayed that were related to IPv6, even though the
IPv6 feature had not been enabled. |
Prisma Access 5.0.0-h21 Addressed Issues
Issue ID | Description |
---|---|
ARBI-2272 | Fixed an issue where clicking Active
Isolated Sessions (Status Remote Browser Isolation Active Isolated Sessions |
CYR-39908 | Fixed an issue where multi-tenant deployments could
not see the IP Optimization functionality in newly-added
tenants. |
CYR-39795 | Fixed an issue where, after installation of the Cloud
Services plugin, an Explicit Proxy Kerberos server profile
(default_server_profile) was installed by the __cloud_services user,
even though Explicit Proxy was not enabled. |
CYR-38814 | Fixed an issue where the Wildcard Top Down
Match Mode check box did not display in a Panorama
that manages Prisma Access in the Device Setup Management |
Prisma Access 5.0.0-h10 Addressed Issues
Issue ID | Description |
---|---|
CYR-38368 | Fixed an issue where, when you onboard a Service
Connection using CLI, it didn't show up in the selection dropdown
for the Traffic Steering Target window. |
CYR-38120 | Fixed an issue where all available locations did not
display in the list view in the Mobile Users—Explicit Proxy setup
page. |
CYR-38103 | Fixed an issue where the Backup
SC drop-down list did not have selectable options
due to a lack of a transport-type configuration in Service
Connection entries that were configured using CLI. |
CYR-37004 | Fixed an issue where panorama commit was failing with
a profiles -> dlp-data-profiles unexpected
here error after upgrading the Cloud Services
plugin from 3.2.1 to a 4.0.0 or later version. |
CYR-34770 | Fixed an issue where, if you configured multiple
portals in Prisma Access for the Mobile Users—GlobalProtect
deployment, you must also configure an authentication profile under
Client Authentication on all portals. |
Prisma Access 5.0.0 Addressed Issues
Issue ID | Description |
---|---|
CYR-39553 | Fixed an issue where the Autonomous DEM AIOps Allocated total
number is incorrect for multitenant setups. |
CYR-38068 | Fixed an issue where an integration may not happen
the first time a user tries to connect to "Managed Cloud WANs" in
the integration page. If this is the case, the user may have to
reenter the pairing key. |
CYR-37003 | Fixed an issue where, after upgrading the Panorama
that manages Prisma Access to 10.2, multitenant deployments had one
or more sub-tenants deleted after a local commit was performed.
Note that, after you install the plugin that contains this
hotfix and delete a tenant, the tenant is deleted locally on the
Panorama but its configuration remains in the Prisma Access
infrastructure. It is recommended that you backup your Panorama
configuration before you delete any sub-tenants. To completely
delete the tenant, reach out to your Palo Alto Networks account
representative or partner, who will contact the SRE team and
submit a request to delete the tenant from your
infrastructure. |
CYR-36709 | Fixed an issue where, when allocating bandwidth in
legacy mode (on a per-location basis) for Remote Networks,
onboarding of more than 250 RN sites was failing due to a SaaS agent
Exception. |
CYR-36121 | Fixed an issue where traffic steering network traffic
was being dropped due to a route asymmetry issue. |
CYR-35811 | Fixed an issue where a Commit and Push operation was
failing due to an empty subtenant ID for a newly added
subtenant. |
CYR-34173 | Fixed an issue where, when configuring multiple
GlobalProtect portals with Traffic Steering, you could not configure
Accept Default Routes over Service Connections Panorama Cloud Services Configuration Traffic Steering Settings Accept Default Route over Service
Connection |
CYR-34078 | Fixed an issue where, if you configured a Colo-Connect subnet
before configuring and performing a Commit and Push operation
for the Infrastructure Subnet, Colo-Connect Commit and Push
operations would fail. |
CYR-33815 | Fixed an issue where, to enable Source IP
based Visibility and Enforcement in Explicit Proxy,
you also had to enable Enable Agent Proxy
(for Prisma Access (Managed by Strata Cloud Manager) ) or Use GlobalProtect
Agent to Authenticate (for Panorama Managed Prisma
Access), even if you have not enabled the Explicit
Proxy-GlobalProtect agent functionality. |
CYR-33695 | Fixed an issue where traffic steering rules could not
be disabled or moved. In other cases, an No object to
edit in move handler error was encountered and no
changes could be applied to the traffic steering rule. |
CYR-33625 | Fixed an issue where, when configuring Colo-Connect for the first
time and performing a partial commit, you received a
'Colo_Connect_Device_Group' is
invalid error. |
CYR-33584 | Fixed an issue where, in a multi-tenant deployment,
if the first tenant's license expired, all sub-tenants license were
also marked as expired. |
CYR-33553 | Fixed an issue where the Connector availability graph shown under Monitor Data Centers ZTNA Connectors Connectors <connector-name> Device metric |
CYR-33539 | Fixed an issue where a new warning message displayed
during a commit when Explicit Proxy is configured in a deployment
with multiple tenants. |
CYR-33180 | Fixed an issue where, in order to use the Prisma
Access Explicit Proxy Connectivity in GlobalProtect for Always-On
Internet Security feature, you had to onboard at least one mobile
user gateway. |
CYR-32782 | Fixed an issue where, if you deleted a Colo-Connect
service connection and then Committed and Pushed your changes, it
could can take some time to delete Colo-Connect service
connections. |
CYR-32188 | Fixed an issue where, in Prisma Access Insights, the Connector
Availability graph for a given ZTNA Connector did not show up if
the IPSec tunnel between the connector and the ZTNA Tunnel
Terminator (ZTT) had been up without interruption for the last
24 hours. |
CYR-32170 | Fixed an issue where, when using ZTNA Connector,
diagnostic tools such as ping, traceroute and nslookup that are
accessible from the ZTNA Connector UI Connectors Actions Diagnostics |
CYR-32006 | Fixed an issue where, when using Dynamic DNS (DDNS) registration
using the Cloud Services plugin 3.2, nsupdate commands were not
working as expected, which caused issues with DDNS update
queries. |
CYR-31623 | Fixed an issue where only one Panorama HA pair could be
associated with a CDL instance. |
CYR-30610 | Fixed an issue where, in a Prisma Access multitenant
deployment, Commit and Push operations were failing because
subtenant IDs were not being populated correctly. |