>
    Strata Copilot
    Addressed Issues in Prisma SD-WAN ION Release 6.4
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma SD-WAN
    3. Prisma SD-WAN ION Device Release 6.4
    4. Addressed Issues in Prisma SD-WAN ION Release 6.4
    Download PDF
    Prisma SD-WAN

    Addressed Issues in Prisma SD-WAN ION Release 6.4

    Table of Contents

    Addressed Issues in Prisma SD-WAN ION Release 6.4

    Learn about the issues addressed in Prisma SD-WAN ION release 6.4.x.
    Learn more about the issues addressed in Prisma SD-WAN ION device release 6.4.

    Addressed Issues in Prisma SD-WAN ION Device Release 6.4.3

    The following section lists the issues addressed in Prisma SD-WAN ION Device Release 6.4.3 and various Hotfixes.

    Release 6.4.3

    Issue IDDescription
    CGSDW-35701Resolved an issue where the LAN egress-out route table entry was missing in Active ION post the switch-over. The issue was happening because the local route was removed when the device was in backup mode.
    CGSDW-27822Resolved an issue where global prefix advertisements were set to "None" when local BGP configurations were present. This occurred due to incorrect data handling during global configuration updates. The system now correctly preserves advertisement settings during BGP global updates.
    CGSDW-31832Resolved an issue where BGP sessions failed to re-establish following a service link flap.
    CGSDW-34703Resolved a memory leak in the bandwidth management server worker threads.
    CGSDW-30067Resolved an ION device crash in the dpdk-ctrl-port process when operating in L2 mode.
    CGSDW-36339Resolved an issue where the wanpaths database failed to migrate correctly during an ION device upgrade.
    CGSDW-36354Resolved an issue where App-ID updates failed due to memory allocation errors during DNS mapping.
    CGSDW-36123Resolved an issue where IPv6 BGP peer resets initiated from the controller were non-functional.
    CGSDW-36237Resolved an issue where LAN-to-WAN traffic dropped even when VPN paths were active.
    CGSDW-35970Resolved a performance regression where the flow controller took an extended time to update path reachability.
    CGSDW-32071Resolved an unexpected ION device reboot triggered by a configuration parsing exception.
    CGSDW-35543Resolved an issue where BGP peers failed to establish a connection for Custom VRF configurations.
    CGSDW-35622Resolved an issue where data traffic incorrectly egressed the DC ION device via the controller port.

    Hotfix Release 6.4.3-b8

    Issue IDDescription
    CGSDW-38328Resolved an issue in validating the certificates.
    CGSDW-38592Resolved an issue in IPv6 packet handling.
    CGSDW-35803Added the latest ADEM package to device software version 6.4.3-b8.

    Hotfix Release 6.4.3-b6

    Issue IDDescription
    CGSDW-36102Resolved an issue where the ION device could not achieve consistently high flows per second.

    Addressed Issues in Prisma SD-WAN ION Device Release 6.4.2

    The following section lists the issues addressed in Prisma SD-WAN ION Device Release 6.4.2 and various Hotfixes.

    Release 6.4.2

    Issue IDDescription
    CGSDW-23049Resolved an fp-rte crash on ION 9000 devices during the software upgrade process.
    CGSDW-25838Resolved significant traffic loss during HA switchovers in network environments using OSPF.
    CGSDW-26587Resolved an issue where a host in one VRF on the LAN side could access an IP address on the ION device in a different VRF.
    CGSDW-29208Resolved an issue where service links incorrectly utilized NAT flags from the interface database.

    Hotfix Release 6.4.2-b21

    Issue IDDescription
    CGSDW-36580Resolved an issue where the ION device could not achieve consistently high flows per second.

    Hotfix Release 6.4.2-b20

    Issue IDDescription
    CGSDW-34930Resolved an issue where BGP sockets were incorrectly closed after a service link flap.
    CGSDW-35000Resolved a failure in the dump-support command when capturing system logs on softlinked partitions.

    Hotfix Release 6.4.2-b19

    Issue IDDescription
    CGSDW-34640Resolved an issue on ION 3200-C5G-WW devices where the VPN daemon failed to start after an RMA.
    CGSDW-34233Resolved an issue where the flow-acceptance-criteria configuration lacked a maximum value.
    CGSDW-34006Resolved an issue on ION devices where interface gateway configurations failed to program on multiple sub-interfaces.
    CGSDW-33652Implemented improvements to the flow acceptance criteria logic.
    CGSDW-33974Resolved a failure to initiate BGP SYN requests following a software upgrade from 6.1.x.
    CGSDW-33778Resolved BGP session instability when utilizing secondary IP addresses as the update source.
    CGSDW-33860Resolved high CPU, latency, and packet loss issues on devices with large LAN subnets.
    CGSDW-33483Resolved a core fc monitor failure observed during HTTPS traffic testing.
    CGSDW-32372Resolved issues with DNS-based application identification and prediction.
    CGSDW-32928Resolved a ping failure following an HA switch-over on ION devices configured with bypass pairs.
    CGSDW-33065Resolved a failure to program the controller gateway following an ION device upgrade or reboot.
    CGSDW-32992Resolved an issue where flows were established before a valid TCP three-way handshake was completed.

    Hotfix Release 6.4.2-b18

    Issue IDDescription
    CGSDW-34640Resolved an issue on ION 3200-C5G-WW devices where the VPN daemon failed to start after an RMA.
    CGSDW-34233Resolved an issue where the flow-acceptance-criteria configuration lacked a maximum value.
    CGSDW-34006Resolved an issue on ION devices where interface gateway configurations failed to program on multiple sub-interfaces.
    CGSDW-33974Resolved a failure to initiate BGP SYN requests following a software upgrade from 6.1.x.
    CGSDW-33778Resolved BGP session instability when utilizing secondary IP addresses as the update source.
    CGSDW-33860Resolved high CPU, latency, and packet loss issues on devices with large LAN subnets.
    CGSDW-33483Resolved a core fc monitor failure observed during HTTPS traffic testing.
    CGSDW-32372Resolved issues with DNS-based application identification and prediction.
    CGSDW-32928Resolved a ping failure following an HA switch-over on ION devices configured with bypass pairs.
    CGSDW-33065Resolved a failure to program the controller gateway following an ION device upgrade or reboot.
    CGSDW-32992Resolved an issue where flows were established before a valid TCP three-way handshake was completed.

    Hotfix Release 6.4.2-b17

    Issue IDDescription
    CGSDW-32821Resolved an issue where a backup data center ION advertises branch prefixes when the VyOS peer flaps.
    CGSDW-32747Resolved an issue on HUB devices where the system incorrectly created entries for every site prefix added.
    CGSDW-32728Resolved an issue where the event_forward process was restarting on ION devices.
    CGSDW-32690Resolved an issue where the firewall sends a linkUp SNMP trap during an admin down action.
    CGSDW-32687Resolved an issue where memory usage increased in the element manager process.
    CGSDW-32684Resolved an issue on ION 3000 devices where non-DPDK cores showed 99% CPU utilization.
    CGSDW-32678Resolved an issue in the fast path routing engine that caused a crash during performance filtering.
    CGSDW-32651Resolved an issue where a deadlock in the emif process caused watchdog timeouts.
    CGSDW-32649Resolved an issue where interface address flapping caused BGP, VPN, or HA connections to flap.
    CGSDW-32645Resolved an issue where the Flow Controller crashed multiple times following an upgrade.
    CGSDW-32569Resolved an issue where the SNMP agent was not responding during high tunnel monitoring.
    CGSDW-32558Fixed an issue where appliances were not populating ARP responses on the WAN interface.
    CGSDW-32509Resolved a fast path routing engine crash caused by a race condition between threads.
    CGSDW-32105Resolved an issue where interface address flapping caused BGP or HA connections to flap.
    CGSDW-31920Resolved an issue where the fp-rte crashed during application path prefix removal.
    CGSDW-30052Resolved an issue where appliances were not populating ARP responses on the WAN interface.
    CGSDW-28530Resolved an issue where the Flow Controller crashed multiple times following an upgrade.
    CGSDW-27805Resolved an issue where the SNMP agent was not responding during high tunnel monitoring.
    CGSDW-30792Resolved a critical ION device crash associated with processing specific SMTP traffic.

    Hotfix Release 6.4.2-b16

    Issue IDDescription
    CGSDW-30565Resolved an issue where SD-WAN fabric VPN traffic was interrupted after a switchover event.
    CGSDW-29793Resolved an issue where two flows were created for traffic passing through a GRE tunnel.
    CGSDW-30550Resolved an issue where the fp-rte process experiences a memory leak or increase.
    CGSDW-31444Resolved an issue where you could not claim a device due to a micmac process failure.
    CGSDW-30124Resolved an issue where IPFIX data exported values of zero.
    CGSDW-31654Resolved an issue where the Flow Controller crashed at the pan_sml_vm_set_field_flag function.
    CGSDW-30467Resolved an issue where network flows were misclassified due to domain-based prediction.

    Hotfix Release 6.4.2-b15

    Issue IDDescription
    CGSDW-31152Resolved an issue where mic/test failed because the micmac process spawned multiple instances.
    CGSDW-30535Resolved an issue where a secure fabric was not correctly established during HA failover.

    Hotfix Release 6.4.2-b14

    Issue IDDescription
    CGSDW-28143Resolved an issue where the fp-rte process crashed when processing fragmented application traffic.

    Hotfix Release 6.4.2-b12

    Issue IDDescription
    CGSDW-29108Resolved an issue where VPN status did not update correctly in unreliable networks.

    Hotfix Release 6.4.2-b11

    Issue IDDescription
    CGSDW-23398Resolved an issue where SNMPv3 polling incorrectly displayed extra network interfaces.
    CGSDW-27923Resolved an issue on HUB devices where specific traffic from branches caused system crashes.

    Hotfix Release 6.4.2-b8

    Issue IDDescription
    CGSDW-29305Resolved an issue where service links incorrectly used the nat_present flag.
    CGSDW-29272Resolved an HA setup issue where connectivity took 20 minutes to establish after reboot.
    CDGSDW-29207Resolved an issue on Branch Gateways where application probes were incorrectly created.
    CGSDW-28960Resolved an issue where passive ION interfaces sent unauthorized ARP requests.
    CGSDW-28697Resolved an issue where the firewall created two flows for Service Link route leaking.
    CGSDW-27498Resolved an issue where the firewall was missing the default route on subinterfaces after reboot.

    Addressed Issues in Prisma SD-WAN ION Device Release 6.4.1

    The following section lists the issues addressed in Prisma SD-WAN ION Device Release 6.4.1 and various Hotfixes.

    Release 6.4.1

    Issue IDDescription
    CGSDW-22192Resolved a core fp-rte failure occurring when client-side traffic was abruptly stopped.
    CGSDW-24400Resolved a UserID Agent crash associated with IPv6 mapping configurations.
    CGSDW-15027Resolved incorrect SNMP interface bandwidth reporting following a software upgrade.
    CGSDW-20234Resolved an issue where virtual ION device interfaces failed to pass traffic correctly.
    CGSDW-23109Resolved a connection error preventing newly allocated ION devices from reaching the controller.
    CGSDW-29305Resolved an issue where service links incorrectly used the nat_present flag.
    CGSDW-29272Resolved an HA setup issue where connectivity took 20 minutes to establish after reboot.
    CDGSDW-29207Resolved an issue on Branch Gateways where application probes were incorrectly created.
    CGSDW-28960Resolved an issue where passive ION interfaces sent unauthorized ARP requests.
    CGSDW-28697Resolved an issue where the firewall created two flows for Service Link route leaking.
    CGSDW-27498Resolved an issue where the firewall was missing the default route on subinterfaces after reboot.

    Hotfix Release 6.4.1-b16

    Issue IDDescription
    CGSDW-28481Resolved a significant delay in internet connectivity for the HA controller interface.

    © 2026 Palo Alto Networks, Inc. All rights reserved.