Prisma SD-WAN
Addressed Issues in Prisma SD-WAN ION Releases
Table of Contents
Expand All
|
Collapse All
Prisma SD-WAN Docs
-
-
- Prisma SD-WAN Key Elements
- Prisma SD-WAN Releases and Upgrades
- Use Copilot in Prisma SD-WAN
- Prisma SD-WAN Summary
- Prisma SD-WAN Application Insights
- Device Activity Charts
- Site Summary Dashboard
- Prisma SD-WAN Predictive Analytics Dashboard
- Prisma SD-WAN Link Quality Dashboard
- Prisma SD-WAN Subscription Usage
-
-
- Add a Branch
- Add a Data Center
- Add a Branch Gateway
- Secure Group Tags (SGT) Propagation
- Configure Circuits
- Configure Internet Circuit Underlay Link Aggregation
- Configure Private WAN Underlay Link Quality Aggregation
- Configure Circuit Categories
- Configure Device Initiated Connections for Circuits
- Add Public IP LAN Address to Enterprise Prefixes
- Manage Data Center Clusters
- Configure Secure SD-WAN Fabric Tunnels between Data Centers
- Configure Secure SD-WAN Fabric Tunnels between Branch Sites
- Configure a Site Prefix
- Configure Ciphers
- Configure a DHCP Server
- Configure NTP for Prisma SD-WAN
- Configure the ION Device at a Branch Site
- Configure the ION Device at a Data Center
- Switch a Site to Control Mode
- Allow IP Addresses in Firewall Configuration
-
- Configure a Controller Port
- Configure Internet Ports
- Configure WAN/LAN Ports
- Configure a Sub-Interface
- Configure a Loopback Interface
- Add and Configure Port Channel Interface
- Configure a PoE Port
- Configure and Monitor LLDP Activity and Status
- Configure a PPPoE Interface
- Configure a Layer 3 LAN Interface
- Configure Application Reachability Probes
- Configure a Secondary IP Address
- Configure a Static ARP
- Configure a DHCP Relay
- Configure IP Directed Broadcast
- VPN Keep-Alives
-
- Configure Prisma SD-WAN IPFIX
- Configure IPFIX Profiles and Templates
- Configure and Attach a Collector Context to a Device Interface in IPFIX
- Configure and Attach a Filter Context to a Device Interface in IPFIX
- Configure Global and Local IPFIX Prefixes
- Flow Information Elements
- Options Information Elements
- Configure the DNS Service on the Prisma SD-WAN Interface
- Configure SNMP
-
-
- Prisma SD-WAN Branch Routing
- Prisma SD-WAN Data Center Routing
-
- Configure an OSPF in Prisma SD-WAN
- Enable BGP for Private WAN and LAN
- Configure BGP Global Parameters
- Global or Local Scope for BGP Peers
- Configure a Route Map
- Configure a Prefix List
- Configure an AS Path List
- Configure an IP Community List
- View Routing Status and Statistics
- Distribution to Fabric
- Host Tracking
-
- Configure Multicast
- Create, Assign, and Configure a WAN Multicast Configuration Profile
- Configure Global Multicast Parameters
- Configure a Multicast Static Rendezvous Point (RP)
- Learn Rendezvous Points (RPs) Dynamically
- View LAN Statistics for Multicast
- View WAN Statistics for Multicast
- View IGMP Membership
- View the Multicast Route Table
- View Multicast Flow Statistics
- View Routing Statistics
-
- Prisma SD-WAN Branch HA Key Concepts
-
- Configure Branch HA with Gen-1 Platforms (2000, 3000, 7000, and 9000)
- Configure Branch HA with Gen-2 Platforms (3200, 5200, and 9200)
- Configure Branch HA with Gen-2 Embedded Switch Platforms (1200-S or 3200-L2)
- Configure Branch HA for Devices with Software Cellular Bypass (1200-S-C-5G)
- Configure Branch HA for Platforms without Bypass Pairs
- Configure Branch HA in a Hybrid Topology with Gen-1 (3000) and Gen-2 (3200) Platforms
- Configure HA Groups
- Add ION Devices to HA Groups
- Edit HA Groups and Group Membership
- Prisma SD-WAN Clarity Reports
-
-
CloudBlade Integrations
- CloudBlade Integrations
- CloudBlades Integration with Prisma Access
-
- Plan the Zscaler CloudBlade Deployment
- Acquire the Zscaler Information
- Create Security Zone and Security Policy for GRE Tunnels Creation
- Assign Tags to Objects in Prisma SD-WAN
- Validate the Zscaler Configuration
- Troubleshoot Installation Scenarios
- Troubleshoot Standard VPNs
- Enable, Pause, Disable, and Uninstall the CloudBlade
-
-
-
-
- clear app-engine
- clear app-map dynamic
- clear app-probe prefix
- clear connection
- clear device account-login
- clear dhcplease
- clear dhcprelay stat
- clear flow and clear flows
- clear flow-arp
- clear qos-bwc queue-snapshot
- clear routing
- clear routing multicast statistics
- clear routing ospf
- clear routing peer-ip
- clear switch mac-address-entries
- clear user-id agent statistics
-
- arping interface
- curl
- ping
- ping6
- debug bounce interface
- debug bw-test src-interface
- debug cellular stats
- debug controller reachability
- debug flow
- debug ipfix
- debug log agent eal file log
- debug logging facility
- debug logs dump
- debug logs follow
- debug logs tail
- debug performance-policy
- debug poe interface
- debug process
- debug reboot
- debug routing multicast log
- debug routing multicast pimd
- debug servicelink logging
- debug tcpproxy
- debug time sync
- dig dns
- dig6
- file export
- file remove
- file space available
- file tailf log
- file view log
- ssh6 interface
- ssh interface
- tcpdump
- tcpping
- traceroute
- traceroute6
-
- dump appaccel keys
- dump appaccel status
- dump appdef config
- dump appdef version
- dump app-engine
- dump app-l4-prefix table
- dump app-probe config
- dump app-probe flow
- dump app-probe prefix
- dump app-probe status
- dump auth config
- dump auth status
- dump banner config
- dump bfd status
- dump bypass-pair config
- dump cellular config
- dump cellular stats
- dump cellular status
- dump cgnxinfra status
- dump cgnxinfra status live
- dump cgnxinfra status store
- dump config network
- dump config security
- dump controller cipher
- dump controller status
- dump device accessconfig
- dump device conntrack count
- dump device date
- dump device info
- dump device status
- dump dhcp-relay config
- dump dhcprelay stat
- dump dhcp-server config
- dump dhcp-server status
- dump dhcpstat
- dump dnsservice config all
- dump dpdk cpu
- dump dpdk interface
- dump dpdk port status
- dump dpdk stats
- dump flow
- dump flow count-summary
- dump interface config
- dump interface status
- dump interface status interface details
- dump interface status interface module
- dump intra cluster tunnel
- dump ipfix config collector-contexts
- dump ipfix config derived-exporters
- dump ipfix config filter-contexts
- dump ipfix config ipfix-overrides
- dump ipfix config prefix-filters
- dump ipfix config profiles
- dump ipfix config templates
- dump lldp
- dump lldp config
- dump lldp info
- dump lldp stats
- dump lldp status
- dump log-agent eal conn
- dump log-agent eal response-time
- dump log-agent eal stats
- dump log-agent config
- dump log-agent iot snmp config
- dump log-agent iot snmp device discovery stats
- dump log-agent ip mac bindings
- dump log-agent neighbor discovery stats
- dump log-agent status
- dump ml7 mctd counters
- dump ml7 mctd session
- dump ml7 mctd version
- dump nat counters
- dump nat6 counters
- dump nat summary
- dump network-policy config policy-rules
- dump network-policy config policy-sets
- dump network-policy config policy-stacks
- dump network-policy config prefix-filters
- dump overview
- dump performance-policy config policy-rules
- dump performance-policy config policy-sets
- dump performance-policy config policy-set-stacks
- dump performance-policy config threshold-profile
- dump poe system config
- dump poe system status
- dump priority-policy config policy-rules
- dump priority-policy config policy-sets
- dump priority-policy config policy-stacks
- dump priority-policy config prefix-filters
- dump probe config
- dump probe profile
- dump radius config
- dump radius statistics
- dump radius status
- dump reachability-probe config
- dump qos-bwc config
- dump reachability-probe status
- dump routing aspath-list
- dump routing cache
- dump routing communitylist
- dump routing multicast config
- dump routing multicast igmp
- dump routing multicast interface
- dump routing multicast internal vif-entries
- dump routing multicast mroute
- dump routing multicast pim
- dump routing multicast sources
- dump routing multicast statistics
- dump routing multicast status
- dump routing ospf
- dump routing peer advertised routes
- dump routing peer config
- dump routing peer neighbor
- dump routing peer received-routes
- dump routing peer routes
- dump routing peer route-via
- dump routing peer status
- dump routing peer route-json
- dump routing prefixlist
- dump routing prefix-reachability
- dump routing route
- dump routing routemap
- dump routing running-config
- dump routing summary
- dump routing static-route reachability-status
- dump routing static-route config
- dump routing vpn host tracker
- dump security-policy config policy-rules
- dump security-policy config policy-set
- dump security-policy config policy-set-stack
- dump security-policy config prefix-filters
- dump security-policy config zones
- dump sensor type
- dump sensor type summary
- dump serviceendpoints
- dump servicelink summary
- dump servicelink stats
- dump servicelink status
- dump site config
- dump snmpagent config
- dump snmpagent status
- dump software status
- dump spoke-ha config
- dump spoke-ha status
- dump standingalarms
- dump static-arp config
- dump static host config
- dump static routes
- dump support details
- dump-support
- dump switch fdb vlan-id
- dump switch port status
- dump switch vlan-db
- dump syslog config
- dump syslog-rtr stats
- dump syslog status
- dump time config
- dump time log
- dump time status
- dump troubleshoot message
- dump user-id agent config
- dump user-id agent statistics
- dump user-id agent status
- dump user-id agent summary
- dump user-id groupidx
- dump user-id group-mapping
- dump user-id ip-user-mapping
- dump user-id statistics
- dump user-id status
- dump user-id summary
- dump user-id useridx
- dump vlan member
- dump vpn count
- dump vpn ka all
- dump vpn ka summary
- dump vpn ka VpnID
- dump vpn status
- dump vpn summary
- dump vrf
- dump waninterface config
- dump waninterface summary
-
- inspect app-flow-table
- inspect app-l4-prefix lookup
- inspect app-map
- inspect certificate
- inspect certificate device
- inspect cgnxinfra role
- inspect connection
- inspect dhcplease
- inspect dhcp6lease
- inspect dpdk ip-rules
- inspect dpdk vrf
- inspect fib
- inspect fib-leak
- inspect flow-arp
- inspect flow brief
- inspect flow-detail
- inspect flow internal
- inspect interface stats
- inspect ipfix exporter-stats
- inspect ipfix collector-stats
- inspect ipfix app-table
- inspect ipfix wan-path-info
- inspect ipfix interface-info
- inspect ip-rules
- inspect ipv6-rules
- inspect lqm stats
- inspect memory summary
- inspect network-policy conflicts
- inspect network-policy dropped
- inspect network-policy hits policy-rules
- inspect network-policy lookup
- inspect performance-policy fec status
- inspect performance-policy hits analytics
- inspect performance-policy incidents
- inspect performance-policy lookup
- inspect policy-manager status
- inspect policy-mix lookup-flow
- inspect priority-policy conflicts
- inspect priority-policy dropped
- inspect priority-policy hits default-rule-dscp
- inspect priority-policy hits policy-rules
- inspect priority-policy lookup
- inspect performance-policy incidents
- inspect performance-policy lookup
- inspect performance-policy hits analytics
- inspect process status
- inspect qos-bwc debug-state
- inspect qos-bwc queue-history
- inspect qos-bwc queue-snapshot
- inspect routing multicast fc site-iface
- inspect routing multicast interface
- inspect routing multicast mroute
- inspect security-policy lookup
- inspect security-policy size
- inspect servicelink conn
- inspect servicelink SA
- inspect switch mac-address-table
- inspect system arp
- inspect system ipv6-neighbor
- inspect system vrf
- inspect vpn status
- inspect vrf
- inspect wanpaths
-
-
6.5
- 5.6
- 6.1
- 6.2
- 6.3
- 6.4
- 6.5
- New Features Guide
- On-Premises Controller
- Prisma SD-WAN CloudBlades
- Prisma Access CloudBlade Cloud Managed
- Prisma Access CloudBlade Panorama Managed
Addressed Issues in Prisma SD-WAN ION Releases
Learn about the issues addressed in Prisma SD-WAN ION
releases.
This table lists addressed issues across Prisma SD-WAN ION
releases. Starting with 6.5.0 release, a separate Addressed Issues document will no
longer be published. Refer to this document for 6.5.0 and any supported release.
Releases marked with an asterisk (*) have reached End-of-Life (EoL). Review
the hardware and software End-of-Life (EoL) information for
products and releases that have reached End-of-Life (EoL) status.
| Issue ID | Description | Addressed in Release/(s) | Found in Release |
|---|---|---|---|
| CGSDW-30125 | Resolved an issue where a value of zero entered for Cache Size in the DNS profile from the web interface was not being pushed to the ION device. | 6.5.2 | 6.1.9 |
| CGSDW-29556 | Resolved an issue where remote login and service link connections were failing in FIPS mode on a device software upgrade to software version 6.3 or higher. | 6.5.2, 6.5.1, 6.4.2, 6.3.5 | 6.3.5 |
| CGSDW-29207 | Resolved an issue for WAN to WAN flow failures in Branch Gateway sites, where the app probe entries were being created with the flow's source port as the probe destination port. | 6.4.2, 6.5.1, 6.5.2 | 6.4.1, 6.5.1 |
| CGSDW-29116 | Resolved an issue of the fp-rte process restart, when the max number of VPNs for FEC were exceeded. | 6.3.5 | 6.3.4 |
| CGSDW-29042 | Resolved an issue wherein the LAN sub-interface/virtual interface on a standby ION device in an HA configuration was sending ARPs causing LAN disruption. | 6.3.5 | 6.3.5 |
| CGSDW-28712 | Resolved an issue where IP addresses were missing on interfaces. | 6.3.5 | 6.3.4 |
| CGSDW-28697 | Resolved an issue where two flows were being created for a VPN tunnel with global VRF configured. | 6.5.1 | 6.4.1, 6.5.1 |
| CGSDW-28458 | Resolved an issue where the ION Device was not passing traffic after the DEVICESW_CONCURRENT_FLOWLIMIT_EXCEEDED alarm was generated. | 6.5.1 | 6.4.1 |
| CGSDW-28329 | Resolved an issue where a backup DC ION device continued to advertise branch prefixes after a BGP reset. | 6.5.1, 6.1.9, 6.1.11, 6.3.5 | 6.1.9 |
| CGSDW-28214 | Resolved an issue wherein a stand-alone interface of the backup ION device connected via a bypass configuration to the active ION went down, when the active ION device was powered down. | 6.5.1, 6.4.2, 6.3.4, 6.1.10 | 6.1.10 |
| CGSDW-28187 | Resolved an issue where BGP was not being reestablished after a device reboot. | 6.1.11, 6.5.1 | 6.1.9 |
| CGSDW-28049 | Resolved an issue where the dump-support output and dump-support all commands did not capture the syslogs in the ION 9000 platform, if there was a soft link. | 6.5.1 | 6.3.3 |
| CGSDW-28036 | Resolved an issue where the VPN Object Identifiers were changing for every polling request. | 6.5.1, 6.1.11, 6.3.5 | 6.3.4 |
| CGSDW-27827 | Resolved an issue where event logs and SNMP alerts were triggered opposite to the action on the web interface. | 6.1.11, 6.5.1 | 6.1.10 |
| CGSDW-27805 | Resolved an issue of the SNMP agent not responding for a higher number of VPN tunnels. | 6.1.11, 6.5.2, 6.3.5 | 6.1.1 |
| CGSDW-27728 | Resolved an issue where the fp-rte process was crashing on an upgrade to software version 6.3.4. | 6.5.1 | 6.3.4, 6.5.1 |
| CGSDW-27697 | Resolved an issue where statistics were not displayed due to memory issues. | 6.5.1 | 6.4.2, 6.5.1 |
| CGSDW-27588 | Resolved an issue where the WAN Interface was displaying the ID instead of the name on the web interface. | 6.5.1 | 6.4.2 |
| CGSDW-27542 | Resolved an issue where the BGP was going down on the active ION device after an HA switchover after upgrading the software version to 6.3.4. | 6.3.5, 6.5.1 | 6.3.3 |
| CGSDW-27498 | Resolved an issue where the default route was missing on sub-interfaces after a device reboot. | 6.5.1 | 6.4.1 |
| CGSDW-27462 | Resolved an issue where application flow was being dropped after the application was detected on upgrading the device software to version 6.3.3. | 6.3.5 | 6.3.3 |
| CGSDW-27387 | Resolved an issue where traffic from a Standard VPN tunnel was not being routed to the branch over the fabric through the transit DC on the ION 9000 platform. | 6.3.5 | 6.3.3, 6.4.2 |
| CGSDW-27359 | Resolved an issue of missing application statistics, when a higher number of application performance SLA thresholds were configured. | 6.1.11, 6.3.5, 6.5.1 | 6.1.9 |
| CGSDW-27241 | After enabling logs for the flow controller, the logs are not rolling over correctly, thus using up all the space in the log directory. | 6.5.1 | 6.4.2 |
| CGSDW-26901 | Resolved an issue where the remote access session for the device toolkit was timing out and closing after logging in from the web interface. | 6.4.1, 6.4.2 | 6.4.1 |
| CGSDW-26686 | Resolved an issue where maximum segment size (MSS) clamping was not happening for a PPPoE interface with DPDK after upgrading from software version 5.6.9. | 6.1.11, 6.3.5 | 5.6.9 |
| CGSDW-26247 | Resolved an issue where the FC control thread was taking a lot of time to populate fib-leak entries in FIB scale. | 6.3.4 | - |
| CGSDW-26226 | Resolved an issue in which the BGP on a DC ION device did not advertise the /25 route to the core router after multiple VPN flaps (due to switchover in the branch). | 6.4.2, 6.3.4, 6.2.4, 6.1.10 | 6.4.1 |
| CGSDW-25838 | Expedited the OSPF process reset to ensure a quick re-establishment of neighborships. | 6.4.2 | 6.4.1 |
| CGSDW-25738 | Resolved an issue for IPFIX, wherein the socket connect was always binding to the device instead of the IP address for non-used-for-controller interfaces. | 6.4.2, 6.3.4 | - |
| CGSDW-25658 | Resolved an issue of the fp-rte process restarting which was leading to HA fail-over and instability of the device. | 6.5.1 | 6.3.2 |
| CGSDW-25586 | Resolved an issue where the GRE tunnel was not being established when in FIPS mode. | 6.4.2, 6.3.4, 6.1.10 | 6.4.1 |
| CGSDW-25179 | Resolved an issue wherein the LAN interface on a standby ION device in an HA configuration was sending ARPs causing LAN disruption. | 6.4.1 | |
| CGSDW-25152 | Resolved an issue where custom L3/L4 applications were not being detected properly for UDP traffic after an HA switchover. | 6.5.1, 6.4.2, 6.3.4, 6.1.10 | 6.3.2 |
| CGSDW-24973 | Some advertised prefixes are not displayed for a DC ION device after changing the site mode from Control to Disabled and then back to Control. | 6.4.1 | - |
| CGSDW-24875 | Fixed an issue where the LQM service was crashing. | 6.4.1 | 6.3.1 |
| CGSDW-24528 | Enhanced device logging to capture kernel activity in the event of a device restart. | 6.4.2 | - |
| CGSDW-24501 | Resolved issues of higher switchover periods in an HA setup. | 6.4.1 | - |
| CGSDW-24485 | Resolved an issue of FC crashing for flows with path type LAN_TO_PRIVATE_DIRECT. | 6.1.10 | 6.1.6 |
| CGSDW-24482 | Resolved an issue where HMAC integrity check was failing for the controller_ca_chain.pem. | 6.4.1, 6.2.4, 6.3.4 | |
| CGSDW-24400 | Resolved an issue where the User ID agent was crashing when there were IPv6 entries in NGFW. | 6.4.1, 6.3.4 | 6.4.1 |
| CGSDW-24273 | Resolved an issue where the v6 default routes for Internet and Private WAN were not being removed from the FIB entries even after powering down the interface. | 6.4.2, 6.3.4 | - |
| CGSDW-24269 | Resolved an issue where the APPLICATION_CUSTOM_RULE_CONFLICT incident was being raised for system applications. | 6.4.2, 6.3.4, 6.1.10 | 6.1.8 |
| CGSDW-24262 | Resolved an issue where a route, which was not necessarily the best route, was getting selected as the reachable route. | 6.4.1, 6.2.4, 6.3.4, 6.1.10 | 6.1.6 |
| CGSDW-24246 | Resolved an issue where the device shell bypass pair on the ION 9200 device was not being configured successfully. | 6.4.2 | 6.4.1 |
| CGSDW-24112 | Resolved an issue where some packages were being skipped for HMAC integrity check during boot up. | 6.4.1, 6.3.4 | - |
| CGSDW-24099 | Increased the VRF scale for device interfaces. | 6.4.2, 6.3.4 | 6.4.1 |
| CGSDW-24071 | Set the concurrent flow limit to 20K. | 6.4.1, 6.3.4 | 6.3.1 |
| CGSDW-23928 | Resolved an issue where the snmpwalk command was returning incorrect information. | 6.4.2, 6.3.4, 6.1.10 | 6.1.7 |
| CGSDW-23926 | Resolved an issue where SNMP walk was showing inconsistent interface operation status for switched ports. | 6.4.2, 6.1.10 | 6.1.7 |
| CGSDW-23921 | Resolved an issue where BGP sessions were not being re-established after a LAN switch reset for the ION 1200-S platform. | 6.4.1, 6.3.4, 6.1.10 | 6.3.2 |
| CGSDW-23881 | Resolved an issue for a potential DDoS vulnerability wherein the flows now time out correctly. | 6.5.1, 6.4.2, 6.3.4, 6.1.10 | 6.4.1 |
| CGSDW-23705 | Resolved an issue where stale entries for VPN paths were being retained in the lqm_results.state database. | 6.4.1, 6.3.4 | - |
| CGSDW-23608 | Optimized security policies to prevent the generation of core files for fp-rte. | 6.3.4 | 6.2.3 |
| CGSDW-23534 | Resolved an issue where the Ingress displayed a zero value for Bandwidth Utilization. | 6.4.2, 6.3.4, 6.1.10 | 6.1.5 |
| CGSDW-23508 | Resolved an issue where the app detection did not work as expected after upgrading to software version 6.1.6. | 6.1.9 | 6.1.6 |
| CGSDW-23493 | Added CPLD reset reasons to the device reboot reasons for better troubleshooting. | 6.4.1, 6.3.4, 6.1.10 | - |
| CGSDW-23429 | Resolved an issue where the remote terminal connection was failing with the used_for_controller interface. | 6.3.4 | 6.3.2 |
| CGSDW-23414 | Resolved an issue where the clear dhcp lease command was not deleting the DHCP leases. | 6.1.9 | 6.1.4 |
| CGSDW-23398 | Resolved an issue where extra interfaces were seen on SNMPv3 polling. | 6.4.2, 6.1.10 | 6.4.1 |
| CGSDW-23397 | Resolved an issue where the snmp_network_discovery service was restarting every hour on a device which had an attached SNMP discovery profile with an SNMPv3 configuration. | 6.3.4 | 6.3.1 |
| CGSDW-23395 | After upgrading to device software version 6.3.2-b5, the backup ION
device continues to attempt to establish a connection with the
controller. If controller port of the device next hop is pointing to ION
device LAN interface then use the following workaround for this
issue:
| 6.4.1, 6.3.4 | 6.3.2 |
| CGSDW-23390 | Added the latest ADEM package to device software version 6.1.9. | 6.1.9, 5.6.19 | - |
| CGSDW-23324 | Resolved an issue where the bypass pair Ethernet port configuration was reset after being assigned to a device shell. | 6.4.2 | 6.4.1 |
| CGSDW-23221 | Resolved an issue where the ionhwd process was consuming a lot of memory. | 6.4.1, 6.3.4 | 6.2.3 |
| CGSDW-23109 | Resolved an issue where newly allocated devices were not able to connect to the controller. | 6.4.1 | - |
| CGSDW-23098 | Resolved an issue where overlapping IP addresses were not working as expected in VRF. | 6.4.1, 6.3.4 | - |
| CGSDW-23049 | Resolved an issue where core files were being generated when the device was being upgraded. | 6.4.2, 6.3.4, 6.1.10 | 6.4.1 |
| CGSDW-23031 | Resolved an issue of memory leak in the FC User App logic. | 6.4.1, 6.1.9, 6.3.4 | - |
| CGSDW-22700 | Resolved an issue where the branch ION device acting as a DHCP relay in a custom VRF configuration was not forwarding requests to the DHCP server at the DC ION device. | 6.4.1, 6.3.4 | 6.3.2 |
| CGSDW-22659 | The system does not display the correct interface speed for interfaces where no link is detected, i.e. when the operational status is down. | 6.4.2 | 6.1.1 |
| CGSDW-22633 | Fixed memory issues that were being caused due to security policy configuration. | 6.3.4, 6.1.10 | 6.1.9 |
| CGSDW-22389 | Resolved an issue where the app probe remained operational after a firewall was removed from the active path. | 6.4.1, 6.3.4 | 6.3.2 |
| CGSDW-22281 | Resolved an issue where the application reachability probes were crashing on a branch ION device. | 6.4.1, 6.3.3, 6.3.4 | - |
| CGSDW-22281 | Resolved an issue where the application reachability probes were crashing on a branch ION device. | 6.4.1, 6.3.3, 6.3.4 | - |
| CGSDW-22259 | Resolved an issue where SNMPv3 was not polling all the interfaces on the ION 9200 platform. | 6.2.4, 6.1.9, 6.3.4 | 6.1.7 |
| CGSDW-22192 | Resolved an issue where core files were being generated and the device was losing connectivity with the controller when traffic on the client side was abruptly stopped and restarted. | 6.4.1, 6.3.3, 6.3.4 | 6.3.2 |
| CGSDW-22072 | Resolved an issue where the rtr_mgr_api process was holding a lot of memory. | 6.4.1, 6.1.9, 6.3.4 | 6.1.6 |
| CGSDW-22070 | Resolved an issue where the statistics server was taking too long to respond to requests for statistics from SCM. | 6.1.9 | 6.1.7 |
| CGSDW-21868 | Resolved an issue where the outbound SSH6 was not working on the ION device. | 6.4.1, 6.3.2 | 6.3.1 |
| CGSDW-21836 | Resolved an issue where the VRF creation was failing if the SVI name was longer than nine characters. | 6.4.1 | 6.3.1 |
| CGSDW-21698 | Resolved an issue where the static ARP was not getting added on the new active device during an HA switchover. | 6.3.2 | - |
| CGSDW-21607 | Resolved a possible sequencing problem that could arise in the ION device if the VRF profile configuration was done after the interface configuration. | 6.4.1, 6.3.2 | 6.3.1 |
| CGSDW-21580 | Resolved an issue where the backup ION device was unable to connect to the controller in an HA deployment. | 6.3.2 | 6.3.1 |
| CGSDW-21512 | Enabled default behavior for the bypass pair latch only in the following scenarios:The device is a backup device in an HA group.The device is powered off. | 6.1.9, 6.3.4 | 6.1.1 |
| CGSDW-21451 | After being assigned to a site, the ION device does not receive the VRF context in time. This causes incorrect mapping between interfaces and VRFs. | 6.4.1 | 6.3.1 |
| CGSDW-21409 | FC crashes when many app-map entries are being created, modified, or deleted in parallel. Resolved an issue where the FC was crashing when many app-map entries were being created, modified, or deleted in parallel. | 6.4.1, 6.3.2, 6.1.9 | 6.1.6 |
| CGSDW-21381 | Removed the unused memory which was allocated for the app-id-elem objects. | 6.3.2 | 6.3.1 |
| CGSDW-21320 | Resolved an issue where the ION device did not respond to DHCP until it was rebooted or there was a change in configuration. | 6.4.1, 6.2.4, 6.1.9, 6.3.4 | 6.2.2 |
| CGSDW-21300 | Resolved an issue where the DHCP server wasn't working with the controller and the LAN interface in the same subnet. | 6.3.2 | 6.3.1 |
| CGSDW-21181 | Added support for AWS IMDSv2 for metadata. | 6.3.3 | 6.3.1 |
| CGSDW-21176 | Resolved an issue where the SVI interface did not pass traffic. | 6.4.1, 6.2.4, 6.1.9, 6.3.4 | 6.1.5 |
| CGSDW-21119 | Resolved an issue where the bypass pair ports of a device remained in the bypass pair mode even after the device was declaimed. | 6.3.1, 6.3.2, 6.2.4, 6.1.9 | 6.3.1 |
| CGSDW-21116 | Resolved an issue where the outbound SSH was not supported on the used-for-controller interface. | 6.3.2 | 6.3.1 |
| CGSDW-21115 | Resolved an issue where the FEC action was not being displayed in the Flow Browser for inbound (DC to branch) traffic. | 6.3.4 | 6.3.1 |
| CGSDW-21088 | Resolved an issue where the static ARP entry was incorrectly added on the standby ION device. | 6.3.2 | 6.3.1 |
| CGSDW-21025 | Resolved an issue where the VPN path was not correct in the performance policy path after detaching and reattaching the circuit on the parent interface. | 6.3.2 | 6.3.1 |
| CGSDW-20864 | If the only prefix of a VRF at a branch site is deleted, then the entries leaked to the DC site for the specific VRF are also deleted. The workaround is to configure at least one dummy global prefix for the VRF at the branch site. | 6.3.2 | 6.3.1 |
| CGSDW-20824 | Reduced the downtime in tunnel establishment, such that the ION device re-initiates a new SA with the peer as soon as three tunnel probes fail. | 6.4.1, 6.1.9, 6.3.4 | 6.1.6 |
| CGSDW-20807 | Resolved an issue where the FIB VPN entries for global VRF were not seen on upgrading the device to software version 6.3.1. | 6.3.2 | 6.3.1 |
| CGSDW-20671 | Resolved an issue where incidents related to RADIUS server were raised even when a RADIUS server was not configured. | 6.3.2, 6.1.7 | 6.1.6 |
| CGSDW-20649 | Resolved an issue where the SNMP daemon process was slowly consuming the memory in the ION device suggesting a possible memory leak. | 6.3.2, 6.2.4, 6.1.7 | 6.3.1 |
| CGSDW-20631 | Resolved an issue where the log-agent was not processing all the DHCP messages received from the log-collector-client. | 6.3.2 | 6.3.1 |
| CGSDW-20382 | Assessed that the ION device is not impacted by OpenSSH:CVE-2023-51385 and CVE-2023-51767. | 6.3.2, 6.1.8 | 5.6.11 |
| CGSDW-20241 | Resolved an issue of packet loss on ICMP traffic on the non-default VRF. | 6.3.2 | 6.2.2 |
| CGSDW-20234 | Resolved an issue where a virtual interface with sub-interfaces was not passing traffic. | 6.4.1, 6.1.9, 6.3.4 | 6.1.6 |
| CGSDW-20223 | Resolved an issue where the signal strength for the cellular network was displayed incorrectly on the web interface and CLI. | 6.4.1, 6.2.4, 6.1.7 | 6.1.5 |
| CGSDW-19987 | Resolved an issue where the default signature file was packaged with an incorrect name causing the app-engine to restart. | 6.3.1, 6.1.9 | 6.1.6 |
| CGSDW-19834 | Resolved an issue where the TCP connection was not being terminated by the controller during a device reboot. | 6.3.1, 6.3.2, 6.2.4, 6.1.7 | - |
| CGSDW-19833 | Disabled NR5G SA mode and enabled NR5G NSA mode for 5G IPv6 connectivity. | 6.4.1, 6.1.9, 6.3.4 | 6.3.1 |
| CGSDW-19778 | Resolved an issue where the blobfish process kept on restarting during remote access of the ION device. | 6.3.1, 6.2.4, 6.1.7 | - |
| CGSDW-19707 | Resolved an issue where the Standard VPN path was not displayed in the list of paths when configured through easy onboarding. | 6.3.1, 6.1.7 | 6.1.1 |
| CGSDW-19674 | Resolved an issue where the fc-monitor, fp-metrics, and fp-scm processes were crashing due to buffer overflow in DPDK. | 6.3.1, 6.1.7 | 6.1.5 |
| CGSDW-19628 | Resolved an issue where return traffic was not seen from the DC ION to the branch ION device. | 6.4.1, 6.3.2, 6.2.4, 6.1.9 | 6.1.1 |
| CGSDW-19582 | Resolved an issue of tunnel detection and ADEM operability during the easy onboarding process. | 6.3.1, 6.1.6, 6.1.7 | 6.1.6 |
| CGSDW-19542 | Assessed that the ION device is not vulnerable to a Terrapin attack (CVE-2023-48795). | 6.3.2, 6.1.8, 5.6.19 | 5.3.1 |
| CGSDW-19493 | Resolved an issue where the health events prefix shows the prefix in reverse order. | 6.1.6 | - |
| CGSDW-19485 | Resolved an issue where ADEM was not working after enabling easy onboarding. | 6.3.1, 6.4.1 | - |
| CGSDW-19473 | Resolved an issue of FC restarting after 3 days of running scan tests on interfaces. | 6.1.6 | - |
| CGSDW-19466 | Resolved an issue wherein the device to controller connection was taking a long time to establish after a reboot. | 6.3.1 | - |
| CGSDW-19427 | Resolved an issue where the FC was crashing if the clear user-app-session all CLI command was executed during interface scanning. | 6.4.1, 6.1.9 | 6.1.6 |
| CGSDW-19357 | When a DC ION receives routes for a /32 prefix from both the underlay and overlay, the DC ION tries to split the route and thus the BGP route selection process fails. | 6.5.1 | 6.1.5 |
| CGSDW-19353 | Resolved an issue where Path App Prefix Stats can be avoided for network scan. | 6.1.6 | - |
| CGSDW-19255 | Resolved an issue where the fp-rte process was crashing when the RTE memzone limits were exceeded. | 6.1.6 | 6.1.5 |
| CGSDW-19237 | Resolved an issue where the FC was crashing due to stack corruption in ION 5200. | 6.1.7 | 6.1.4 |
| CGSDW-19206 | Resolved an issue where the device interface was flapping with 1000/Full-Cisco switch and 100/10 Full config. | 6.3.1, 6.1.6, 6.2.4 | 6.1.6 |
| CGSDW-19117 | Resolved an issue where the LQM session wasn't get reestablished after a vpnd process crash. | 6.5.1 | 6.1.2, 6.1.3 |
| CGSDW-19102 | Resolved an issue where the FC crashed on ION 9200 due to large number of security rules. | 6.3.1, 6.1.6 | - |
| CGSDW-19044 | Resolved an issue where the ION device was blocking the flow for a custom application due to flow re-classification. | 6.1.6 | 6.1.5 |
| CGSDW-19043 | Resolved an issue that was causing the fp-rte process to crash on using the clear user-app-session command multiple times. | 6.1.6 | 6.1.5 |
| CGSDW-19015 | Resolved an issue where the ION device was not able to process large packets on the ION 1000, 2000, and 3000 platforms. | 6.1.6 | 6.0.1* |
| CGSDW-18982 | Resolved an issue where fp-rte process crashed due to an exception packet. | 6.1.6 | - |
| CGSDW-18954 | Resolved an issue where IPFIX was not working when the controller interface was configured as the source interface. | 6.3.2 | 6.3.1 |
| CGSDW-18876 | Resolved an issue where the SNMP agent on the ION device was restarting with multiple error logs. | 6.1.6 | 6.1.4 |
| CGSDW-18816 | Resolved an issue of interface flapping on the ION device after a device software upgrade. | 6.3.1, 6.1.6 | 6.1.5 |
| CGSDW-18768 | Resolved an issue where FC crashed due to ingress QoS. | 6.1.6 | 6.1.5 |
| CGSDW-18490 | Resolved an issue where the FC was crashing when the security policy rules list counter exceeded 256. | 6.1.6 | 6.1.4 |
| CGSDW-18350 | Resolved an issue where the ION device was dropping LAN-to-LAN traffic due to security policy configuration. | 6.1.6 | 6.1.4 |
| CGSDW-18252 | Resolved an issue where the cellular failover to another SIM degraded the performance until a device reboot, modem restart or radio restart was performed. | 6.1.6 | - |
| CGSDW-18164 | Resolved an issue where the FC was crashing due to a VPN interface being mapped to multiple VPN links. | 6.1.6 | - |
| CGSDW-18158 | Resolved an issue where dot1xmgr process was consuming high CPU in the ION 1200-S device. | 6.3.1, 6.1.6 | 6.1.5 |
| CGSDW-18154 | Resolved an issue where ION 1200-C5G-exp didn't support ION 6.1.5-b1 version. | 6.1.6 | 6.1.5 |
| CGSDW-17904 | Resolved an issue where the dump interface status command did not display the Supported Link modes and the Advertised Link modes. | 6.3.2 | - |
| CGSDW-17886 | Resolved an issue where a default route was missing in the route table for ION devices with VRF enabled. | 6.3.1 | - |
| CGSDW-17652 | Resolved an issue where the LAN to LAN traffic was not flowing. | 6.2.3 | - |
| CGSDW-17641 | Resolved an issue where the interface did not display the IPv6 DNS Server details although the interface was enabled to receive autoconf information. | 6.2.3 | - |
| CGSDW-17572 | Resolved an issue where the virtual interface couldn't be used for HA topology in the 6.1.x versions. | 6.1.6 | 6.1.4 |
| CGSDW-17571 | Resolved an issue where incorrect WAN paths were accounted for in the flows. | 6.3.1, 6.1.6 | - |
| CGSDW-17461 | Resolved an issue with the programming of the VLAN on the trunk port that carries the HA control traffic. | 6.2.3 | - |
| CGSDW-17418 | Resolved an issue where the ION 5200 and 9200 devices were unable to handle oversize packets. | 6.2.3, 6.1.5 | 6.1.3 |
| CGSDW-17361 | Implemented a change to handle BGP attributes. | 6.2.3 | - |
| CGSDW-17345 | Resolved an issue where the device in an unclaimed state was not sending software upgrade states to the controller. | 6.1.9 | - |
| CGSDW-17284 | Resolved an issue where the FC was crashing due to ADEM. | 6.2.3 | - |
| CGSDW-17214 | Resolved an issue where setting a custom value for fib_admin_distance displayed an error on the DC ION device. | 6.2.3 | - |
| CGSDW-17138 | Fixed a BGP attribute that was seen as corrupted. | 6.1.5 | - |
| CGSDW-17125 | Resolved an issue where the controller ARP entry was missing on the ION device gateway. | 6.1.9 | - |
| CGSDW-17094 | Resolved an issue of traffic dropping on an ION 2000 device during the switchover back to the active device in an HA setup. | 6.1.5 | - |
| CGSDW-17031 | Resolved an issue where the fc-monitor process crashed on ION 2000 during port scanning and restart with an out of memory error. | 6.1.6 | 6.1.5 |
| CGSDW-16971 | Resolved an issue of delay in VPN tunnel establishment when using same IP addresses for bypass pairs in branch HA. | 6.3.1 | - |
| CGSDW-16947 | Resolved an issue where fp-rte core files were being generated for traffic from a number of applications with WAN impairments. | 6.2.3 | - |
| CGSDW-16932 | Updated Zoom Phone application definition with additional prefixes. | 6.3.1 | - |
| CGSDW-16839 | Resolved an issue where the app-engine was consuming high memory during high traffic flows. | 6.1.5 | - |
| CGSDW-16836 | Resolved a memory leak caused by the stpstat process. | 6.2.3, 6.1.5 | 6.1.3 |
| CGSDW-16717 | Resolved an issue where the fp-rte process was crashing if the packet size was larger than 16384. | 6.2.3, 6.1.5 | - |
| CGSDW-16681 | Resolved an issue where the emif process was crashing on VFF. | 6.2.3 | - |
| CGSDW-16647 | Optimized traffic loss that occurred during reboot of the device with hardware bypass pairs. | 6.2.3 | - |
| CGSDW-16391 | Resolved an issue where the FC monitor was crashing after upgrading from the device from software version 5.6.13 to 6.1.3-b1. | 6.2.3 | - |
| CGSDW-16280 | Resolved an issue wherein the DC ION device did not forward traffic to the mgmt-vlan prefix if the management port of the core switch went down. | 6.2.3, 6.1.5 | - |
| CGSDW-16269 | Resolved an issue where high payload traffic sent over Private WAN VPN with a high throughput was dropping. | 6.3.1, 6.2.3, 6.1.5 | - |
| CGSDW-16246 | Resolved an issue where (SACK) block truncated warnings were seen in the log messages. | 6.2.3 | - |
| CGSDW-16172 | Resolved an issue wherein the ION device with ZBFW was treating the first packet block differently for LAN-to-LAN and LAN-to-WAN traffic. | 6.3.1, 6.1.7 | - |
| CGSDW-16031 | There is a delay in bringing down the BGP peer of a data center ION device when the remote end of the interface is shut down. | 6.1.5 | 6.1.4 |
| CGSDW-16005 | Resolved an issue where the app-engine was crashing on an ION 2000 device during continuous traffic flow. | 6.1.5 | 6.1.4 |
| CGSDW-16003 | Resolved an issue where the FC was crashing due to the ADEM process. | 6.1.5 | - |
| CGSDW-15988 | On upgrading the device software, a parent interface with more than 20 subinterfaces flaps, resulting in flapping of the IP addresses of the subinterfaces. | 6.1.5 | 6.1.4 |
| CGSDW-15970 | When rebooting the active device in an HA configuration on the 2000 platform, the bypass pair of the active device does not pass traffic during reload. | 6.1.5 | 6.1.4 |
| CGSDW-15969 | Resolved an issue where the subinterface was operational in spite of shutting down the remote parent interface on the 1200-S/3200/5200/9200 platforms. | 6.2.3, 6.1.4 | - |
| CGSDW-15967 | High memory consumption by the ADEM process causes ION device reboot. | 6.3.2, 6.1.7 | 6.1.5 |
| CGSDW-15868 | Resolved an issue wherein high memory consumption by the ADEM process was causing other processes to crash and device to reboot. | 6.2.3, 6.1.5 | 6.1.4 |
| CGSDW-15828 | Resolved an issue where the alarm for Power Supply Unit (PSU) removal was not working for the ION 5200 and 9200 devices. | 6.2.3, 6.1.5 | - |
| CGSDW-15663 | Resolved an issue where the thmgr process did not start after upgrading the device software version. | 6.2.3, 6.1.5 | - |
| CGSDW-15661 | Resolved an issue where memory leak was observed in the VPN process. | 6.3.1, 6.2.3, 6.1.4 | - |
| CGSDW-15650 | Resolved an issue where the software version 6.2.x was not compatible with ADEM for the ION 2000 device. | 6.2.3 | - |
| CGSDW-15623 | Resolved an issue where the FC process was restarting on the ION device. | 6.1.5 | - |
| CGSDW-15529 | Resolved an issue where the per BGP peer statistics table did not have any data. | 6.2.3, 6.1.5 | - |
| CGSDW-15397 | Resolved an issue where explicit rule ordering was not taking precedence over implicit rule ordering for User ID based policies. | 6.2.3 | - |
| CGSDW-15393 | Addressed an issue where the Advertised auto-negotiation mode duplex setting was erroneously set to Yes following a reboot of the ION device through the web interface. | 6.2.3, 6.1.5 | - |
| CGSDW-15339 | Resolved an issue wherein FC crashes were occurring due to a high volume of subinterfaces. | 6.1.4 | - |
| CGSDW-15258 | Resolved an issue where the device went offline intermittently due to restart of the FC process. | 6.3.1, 6.2.3, 6.1.4 | - |
| CGSDW-15257 | Resolved an issue wherein previously reachable prefixes from a DC ION device became unreachable after upgrading the device software to version 6.1.2. | 6.1.5 | 6.1.4 |
| CGSDW-15238 | Resolved an issue where the fp-metrics process was crashing on clearing flows on the ION device during traffic flow. | 6.1.5 | - |
| CGSDW-15212 | Resolved an issue where a subinterface on a virtual ION device with DPDK was not passing traffic. | 6.3.1, 6.1.6 | - |
| CGSDW-15201 | Resolved an issue where the ingress capacity bandwidth calculation was displaying as zero for some WAN links. | 6.3.1, 5.6.15, 6.2.3, 6.1.4 | - |
| CGSDW-15155 | Resolved an issue where the traffic would take more than 20 seconds to resume after rebooting the active ION device in an HA deployment. | 6.2.3 | - |
| CGSDW-15039 | Resolved an issue where the domain names were not displayed for Applications on the Flows tab. | 6.2.3, 6.1.5 | - |
| CGSDW-15028 | Resolved an issue where the Radius attribute Service-Type needed to be set to Callcheck for successful MAC authentication. | 6.2.2 | 6.2.1 |
| CGSDW-15027 | Resolved an issue where the SNMP interface bandwidth was being reported incorrectly after upgrading the device software version from 5.6.x. | 6.4.1, 6.3.2, 6.1.7 | 6.1.6 |
| CGSDW-14980 | Resolved an issue where custom applications with L3/L4 prefixes were not detected when used in security policies. | 6.2.3, 6.1.4 | 6.1.2 |
| CGSDW-14766 | Resolved an issue wherein the configuration for a BGP peer wasn't removed on deleting the BGP peer. | 6.3.1, 6.1.4 | - |
| CGSDW-14737 | Resolved an issue where the Local AS # was not getting updated correctly in the BGP configuration. | 6.2.2, 6.1.4 | - |
| CGSDW-14698 | Provided the ability to shut down PoE operations when the device CPU temperature rose above 85 degrees C. | 6.2.3 | - |
| CGSDW-14509 | Resolved an issue where the interface MAC address configuration was out of sync if the address was configured when the interface was down. | 6.2.3, 6.1.6 | - |
| CGSDW-14432 | The fp-rte process crashes when fetching information on security policy counters and app stats. | 6.2.2, 6.1.6 | 6.1.1 |
| CGSDW-14344 | Resolved an issue where the FC process was crashing when traffic was initiated on an idle ION device. | 6.3.1, 6.2.2, 6.1.3 | - |
| CGSDW-14342 | Resolved an issue where branch to branch VPNs could not be created for the ION 1200-S device. | 6.2.3, 6.1.5 | - |
| CGSDW-14341 | Resolved an issue where the Flow Controller was crashing frequently due to a security policy on a branch ION device. | 6.1.3 | - |
| CGSDW-14208 | Resolved an issue where the data center ION device was forwarding traffic incorrectly. | 6.2.2, 6.1.3 | - |
| CGSDW-14164 | SNMP support extended for ION-1200-C-5G-EXP. | 6.2.3 | - |
| CGSDW-14120 | Resolved an issue where the Flow Controller kept on restarting. | 6.2.2, 6.1.3 | - |
| CGSDW-14009 | Resolved an issue where the HA LED did not light up. | 6.2.2, 6.1.3 | - |
| CGSDW-13982 | Provided an option to disable tunnel reoptimization based period tunnel latency checks. | 6.1.4 | - |
| CGSDW-13819 | Resolved an issue of fc-monitor crash wherein the time taken by fc-control thread to report to fc-monitor thread was being incorrectly evaluated. | 6.2.2, 6.1.3 | - |
| CGSDW-13805 | Resolved an issue wherein received BGP routes were getting filtered in case of uneven route lengths. | 6.2.3, 6.1.5 | - |
| CGSDW-13760 | Resolved an issue where the FC process would restart on ION device version 6.0.1-b70. | 6.1.3 | - |
| CGSDW-13720 | Resolved an issue where the IPv4 details for an interface obtained via DHCP changed, when Autoconf was used for IPv6 configuration of the interface. | 6.2.2 | - |
| CGSDW-13533 | Resolved an issue where the SNMP agent was crashing if the platform did not support certain LLDP MIBs. | 6.1.3 | - |
| CGSDW-13486 | Resolved an issue where the SNMP agent failed to start after upgrading the ION device. | 6.2.2, 6.1.3 | - |
| CGSDW-13424 | Resolved an issue where the flow controller was crashing due to incorrect source prefixes configured in the security policy rule. | 6.1.3 | - |
| CGSDW-13415 | Resolved an issue where the CPU utilization value on the front panel of the device differed from the value on the web interface. | 6.2.2, 6.1.3 | - |
| CGSDW-13412 | Resolved an issue where an FC process was crashing when trying to forward a flow which was marked for deletion. | 6.1.3 | - |
| CGSDW-13397 | Resolved an issue where the FC was crashing during a TCP SYN scan. | 6.2.3, 6.1.6 | 6.1.5 |
| CGSDW-13297 | Resolved an issue where the DHCPv4 server did not start on an interface, if the interface was configured as a relay agent earlier. | 6.2.2 | - |
| CGSDW-13238 | Resolved an issue where the inspect flow internal command was not working. | 6.2.2 | - |
| CGSDW-13161 | Resolved an issue where the software bypass was not working after an FC restart for the ION 3200 device. | 6.2.3, 6.1.9 | - |
| CGSDW-12977 | Resolved an issue that was causing a missing ARP entry for the controller gateway on reload/upgrade to version 5.6.11. | 6.2.2, 6.1.3 | - |
| CGSDW-12960 | Resolved an issue where Prisma SD-WAN tunnel would not form when using a Virtual Interface on a Data Center ION device. | 6.2.1, 6.1.3 | - |
| CGSDW-12802 | Resolved an issue where a DHCP server configured on an SVI interface did not work. | 6.1.3 | - |
| CGSDW-12741 | Resolved an issue where the FC on the data center ION device was crashing after removing multicast profile on a branch site where no devices were assigned. | 6.1.3 | - |
| CGSDW-12733 | DPD with IKEv2 on Standard VPN does not bring the tunnel down based on the configuration on the DPD timer. | 6.4.1 | 6.1.3 |
| CGSDW-12698 | Resolved an issue where the branch ION device wasn't passing ICMP traffic originating from a DC ION device to a non-CGNX prefix from WAN to LAN. | 6.1.5 | 6.1.3 |
| CGSDW-12663 | Resolved an issue in which the HA switchover took place only after restarting the flow controller (FC). | 6.2.2 | - |
| CGSDW-12616 | Resolved an issue where custom roles could not perform edit actions. | 6.2.1 | - |
| CGSDW-12578 | Resolved an issue wherein the FC process was restarting frequently after upgrading the device. | 6.1.3 | - |
| CGSDW-12565 | Resolved an issue where the fp-metrics process was crashing on an ION device due to improper flow clean up. | 6.1.3 | - |
| CGSDW-12562 | Resolved an issue where ARP packets were not being received over the virtual VLAN interface for a branch ION device. | 6.2.1, 6.1.3 | - |
| CGSDW-12501 | Resolved an issue where an FC process was crashing on an ION 2000 device when trying to forward a flow which was marked for deletion. | 6.1.3 | - |
| CGSDW-12299 | Resolved an issue where the PDN selection for custom APN was not following the designated IP address type. | 6.1.7 | - |
| CGSDW-12204 | Resolved an issue where an FC process was crashing on an ION 3000 device due to insufficient memory. | 6.1.3 | - |
| CGSDW-12189 | Resolved an issue where the DHCP server could not configure the bootfile for devices without a PXEClient VCI. | 6.2.1 | - |
| CGSDW-12185 | Resolved an issue where packets were being dropped at the branch site when the TCP ports numbers were re-used between subsequent flows. | 6.2.1, 6.1.3 | - |
| CGSDW-12155 | Resolved an issue where some CLI dump commands were failing on virtual ION devices. | 6.1.3 | - |
| CGSDW-12127 | Resolved an issue that was causing intermittent packet drops for ICMP/PING flows in WAN to LAN traffic from Prisma Access mobile users to a Prisma SD-WAN remote branch LAN host. | 6.2.1, 6.1.3 | 5.6.1 |
| CGSDW-11997 | Resolved an issue where UDP sessions were timing out causing packet drops. | 6.2.1, 6.1.2 | - |
| CGSDW-11976 | Resolved an issue in which the CPU utilization was reported incorrectly by the ION device. | 6.2.1, 6.1.3 | 6.0.1* |
| CGSDW-11581 | Increased the concurrent flow support of the ION-1200-S device to 40,000. | 6.2.1, 6.1.5 | 6.1.2 |
| CGSDW-11579 | Resolved an issue which prevented deletion of unnecessary configuration on the ION 1000 device. | 6.2.1, 6.1.3 | 5.6.3 |
| CGSDW-11472 | Resolved an issue where DC ION devices did not forward traffic to the management VLAN prefixes via the core peer router, if the management port on the core went down. | 6.1.3 | 5.5.1 |
| CGSDW-11416 | Resolved an issue where application override could not be configured for some of the system applications. | 6.2.1 | 6.1.1 |
| CGSDW-11384 | Resolved an issue where static route polling was failing after 18 hours. | 6.2.1, 6.1.5 | 5.6.5 |
| CGSDW-11378 | Resolved an issue wherein multicast could not be enabled on the peer with network configured interfaces with a private WAN label attached for a data center ION device. | 6.1.2 | 6.1.1 |
| CGSDW-11353 | Resolved an issue wherein the Zoom Meeting application traffic destined for 206.247.0.0/16 was not identified correctly. | 6.2.1 | 6.0.1* |
| CGSDW-11327 | Resolved an issue where old records in the ARP table were not being removed. | 6.1.7 | 5.6.9 |
| CGSDW-11326 | Resolved an issue where the vION device interfaces did not display after upgrading the device from device version 5.6.5 to 6.0.1-b70. | 6.0.1*, 6.0.3*, 6.1.2, 6.2.1 | 5.6.5 |
| CGSDW-11155 | Resolved an issue wherein the FC was crashing due to insufficient memory. | 6.0.1*, 6.0.3*, 6.1.1, 6.1.3 | - |
| CGSDW-11150 | Resolved an issue where there could be a possibility of malicious command injections through the ION device CLI. | 6.2.1, 5.6.11, 6.1.5 | 5.6.3 |
| CGSDW-11086 | Resolved an issue where an incorrect DNS entry was being sent to the controller. | 6.2.1, 6.1.3, 5.6.15 | 6.1.1 |
| CGSDW-11059 | Resolved an issue where the API call for a device bulk configuration query for a greenfield tenant would return an invalid Tenant API version error. | 6.1.2, 6.2.1 | 6.0.2* |
| CGSDW-10905 | Resolved an issue where a standard VPN tunnel may flap during the IKE rekey process. | 6.1.2, 6.2.1, 5.6.11 | 5.5.1 |
| CGSDW-10897 | Resolved an issue where the state change events like LLDP flooding was handled that affected multiple processes. | 6.2.1, 6.1.6 | 6.0.2* |
| CGSDW-10819 | Resolved an issue in which LLDP packets were flooding out of the bypass pair for Prisma SD-WAN switching platforms. | 6.0.3*, 6.1.2, 6.1.1 | 6.0.2* |
| CGSDW-10641 | Resolved an issue wherein special characters were not allowed in the NTP template names. | 6.1.2 | 6.0.1* |
| CGSDW-10086 | Resolved an issue where the Rtr-mgr would leak memory and eventually run out of memory. | 6.0.1*, 6.1.1, 6.0.2*, 5.6.9, 5.6.13 | 5.4.1* |
| CGSDW-9947 | Resolved an issue where the 2.3 version of the API for monitoring metrics returned a 403 error. | 6.1.1 | 6.0.2* |
| CGSDW-9806 | Resolved an issue where the configuration was not getting pushed to the ION device from the controller, leading to a condition where the ION device ports were not displayed correctly when using CLI commands. | 6.1.1 | 5.6.5 |
| CGSDW-9643 | Resolved an issue where the branch ION device was going offline or was being disconnected from the controller intermittently whenever IPv6 addresses were present in the DNS responses for ION device internal services. | 5.6.9, 6.2.2, 6.1.3 | 5.2.1* |
| CGSDW-9540 | Resolved an issue where the controller would try to alternately connect to the IPv4 address and then the IPv6 address of the VPN interface, when the VPN tunnel was down. | 6.1.2 | 6.0.1* |
| CGSDW-9421 | Resolved an issue where bandwidth statistics were occasionally not displayed correctly. | 6.0.2*, 6.2.1, 6.1.3 | 6.0.1* |
| CGSDW-9379 | Resolved an issue wherein remote login to the ION device for CLI access was failing. | 6.0.1*, 6.1.1, 6.0.2, 5.6.9 | 5.6.1 |
| CGSDW-9369 | Resolved an issue wherein the Edit and Delete buttons were not visible on the DHCP Servers page on the Prisma SASE web interface. | 6.1.1 | 6.0.1* |
| CGSDW-9339 | Resolved an issue wherein Prisma SD-WAN widgets were not loading on the SASE web interface for a View Only Administrator MSP role. | 6.1.2 | 6.0.1* |
| CGSDW-9331 | Resolved an issue where the All Roles filter for Branch and Data Center sites on the ManageDevices page was not working. | 6.1.1 | 6.0.2* |
| CGSDW-8982 | Resolved an issue where the tcpdump command did not display the expected packets for sub-interfaces. | 6.1.1 | 6.0.1* |
| CGSDW-8754 | Resolved an issue in which the BGP status for a backup ION device displayed as unsynchronized on the web interface. | 6.1.2, 5.6.11 | 5.5.3* |
| CGSDW-8622 | Resolved an issue in which the rtr-manager process was constantly restarting. | 6.0.3*, 5.5.9*, 5.6.9, 6.2.3, 6.1.5 | 5.4.5* |
| CGSDW-8389 | Prisma Access tunnels configured manually will not support ADEM. | 6.1.1 | 5.6.1 |
| CGSDW-8227 | Resolved an issue that caused the system routes to disappear during a switchover in a branch high availability (HA) deployment. | 6.2.1, 5.6.13, 6.1.3 | 5.5.5* |
| CGSDW-8179 | Added support for pagination for the NAT Zone and Interface Bindings pages. | 6.1.2 | 5.6.1 |
| CGSDW-7844 | Resolved an issue where the site counter was missing for the Sites page under Manage>Sites. | 6.1.2 | 6.0.1* |
| CGSDW-7838 | Resolved an issue where the navigation through stack policies on the web interface was slow. | 6.2.1 | 6.0.1* |
| CGSDW-7806 | Resolved an issue where the DHCP Relay was choosing the secondary IP address instead of the primary IP address for sending a DHCP request. | 6.3.1, 6.1.9 | 5.6.1 |
| CGSDW-5513 | Resolved an issue where domains were missing for applications on the Flow Browser page on the web interface. | 6.2.1, 6.1.3 | 6.0.1* |
| CGSDW-3861 | Resolved an issue wherein API calls to a branch ION device were returning inconsistent values when the vpn_to_vpn_forwarding value was set to true. | 6.2.1 | 5.6.1 |
| CGSDW-3841 | Resolved an issue where a DC ION device was not advertising BGP prefixes learnt from the branch LAN peer to the core peer after an HA switchover. | 5.6.3, 6.2.3, 6.1.5 | 5.5.3 |