Prisma SD-WAN
Addressed Issues in ION Release 6.1
Table of Contents
Expand All
|
Collapse All
Prisma SD-WAN Docs
-
-
-
- CloudBlade Integrations
- CloudBlades Integration with Prisma Access
-
-
-
-
- 5.6
- 6.1
- 6.2
- 6.3
- 6.4
- 6.5
- New Features Guide
- On-Premises Controller
- Prisma SD-WAN CloudBlades
- Prisma Access CloudBlade Cloud Managed
- Prisma Access CloudBlade Panorama Managed
Addressed Issues in ION Release 6.1
Learn about the issues addressed in ION
release 6.1.x.
Where Can I Use This? | What Do I Need? |
---|---|
|
|
Learn more about the issues addressed
in ION device release 6.1.
- Addressed Issues in ION Device Release 6.1.11
- Addressed Issues in ION Device Release 6.1.10
- Addressed Issues in ION Device Release 6.1.9
- Addressed Issues in ION Device Release 6.1.8
- Addressed Issues in ION Device Release 6.1.7
- Addressed Issues in ION Device Release 6.1.6
- Addressed Issues in ION Device Release 6.1.5
- Addressed Issues in ION Device Release 6.1.4
- Addressed Issues in ION Device Release 6.1.3
- Addressed Issues in ION Device Release 6.1.2
- Addressed Issues in ION Device Release 6.1.1
- Addressed Issues in ION Device Release 6.1.10
- Addressed Issues in ION Device Release 6.1.9
- Addressed Issues in ION Device Release 6.1.8
- Addressed Issues in ION Device Release 6.1.7
- Addressed Issues in ION Device Release 6.1.6
- Addressed Issues in ION Device Release 6.1.5
- Addressed Issues in ION Device Release 6.1.4
- Addressed Issues in ION Device Release 6.1.3
- Addressed Issues in ION Device Release 6.1.2
- Addressed Issues in ION Device Release 6.1.1
Addressed Issues in ION Device Release 6.1.10
The following table lists the issues addressed in
ION Device Release 6.1.10.
Issue ID | Description |
---|---|
CGSDW-22633 | Fixed memory issues that were being caused due to security policy configuration. |
CGSDW-23049 | Resolved an issue where core files were being generated when the device was being upgraded. |
CGSDW-23398 | Resolved an issue where extra interfaces were seen on SNMPv3 polling. |
CGSDW-23493 | Optimized device boot up time for certain device restart scenarios. |
CGSDW-23534 | Resolved an issue where the Ingress displayed a zero value for Bandwidth Utilization. |
CGSDW-23926 | Resolved an issue where SNMP walk was showing inconsistent interface operation status for switched ports. |
CGSDW-23928 | Resolved an issue where the snmpwalk command was returning incorrect information. |
CGSDW-24262 | Resolved an issue where a route, which was not necessarily the best route, was getting selected as the reachable route. |
CGSDW-24269 | Resolved an issue where the APPLICATION_CUSTOM_RULE_CONFLICT incident was being raised for system applications. |
CGSDW-20234 | Resolved an issue where a virtual interface with sub-interfaces was not passing traffic. |
CGSDW-24485 | Resolved an issue of FC crashing for flows with path type LAN_TO_PRIVATE_DIRECT. |
CGSDW-24528 | Enhanced device logging to capture kernel activity in the event of a device restart. |
CGSDW-25586 | Resolved an issue where the GRE tunnel was not being established when in FIPS mode. |
Addressed Issues in ION Device Release 6.1.9
The following table lists the issues addressed in
ION Device Release 6.1.9.
Issue ID | Description |
---|---|
CGSDW-7806 | Resolved an issue where the DHCP Relay was choosing the secondary IP address instead of the primary IP address for sending a DHCP request. |
CGSDW-13161 | Resolved an issue where the software bypass was not working after an FC restart for the ION 3200 device. |
CGSDW-17125 | Resolved an issue where the controller ARP entry was missing on the ION device gateway. |
CGSDW-17345 | Resolved an issue where the device in an unclaimed state was not sending software upgrade states to the controller. |
CGSDW-19427 | Resolved an issue where the FC was crashing if the clear user-app-session all CLI command was executed during interface scanning. |
CGSDW-19628 | Resolved an issue where return traffic was not seen from the DC ION to the branch ION device. |
CGSDW-19987 | Resolved an issue where the default signature file was packaged with an incorrect name causing the app-engine to restart. |
CGSDW-20234 | Resolved an issue where a virtual interface with sub-interfaces was not passing traffic. |
CGSDW-20824 | Reduced the downtime in tunnel establishment, such that the ION device re-initiates a new SA with the peer as soon as three tunnel probes fail. |
CGSDW-21119 | Resolved an issue where the bypass pair ports of a device remained in the bypass pair mode even after the device was declaimed. |
CGSDW-21176 | Resolved an issue where the SVI interface did not pass traffic. |
CGSDW-21409 | Resolved an issue where the FC was crashing when many app-map entries were being created, modified, or deleted in parallel. |
CGSDW-21512 |
Enabled default behavior for the Bypass pair latch only in the following
scenarios:
|
CGSDW-22070 | Resolved an issue where the statistics server was taking too long to respond to requests for statistics from SCM. |
CGSDW-22072 | Resolved an issue where the rtr_mgr_api process was holding a lot of memory. |
CGSDW-22259 | Resolved an issue where SNMPv3 was not polling all the interfaces on the ION 9200 platform. |
CGSDW-23031 | Resolved an issue of memory leak in the FC User App logic. |
CGSDW-23390 | Added the latest ADEM package to device software version 6.1.9. |
CGSDW-23414 | Resolved an issue where the clear dhcp lease command was not deleting the DHCP leases. |
CGSDW-23508 | Resolved an issue where the app detection did not work as expected after upgrading to software version 6.1.6. |
Addressed Issues in ION Device Release 6.1.8
The following table lists the issues addressed in
ION Device Release 6.1.8.
Issue ID | Description |
---|---|
CGSDW-19542 | Assessed that the ION device is not vulnerable to a Terrapin attack (CVE-2023-48795). |
Addressed Issues in ION Device Release 6.1.7
The following table lists the issues addressed in
ION Device Release 6.1.7.
Issue ID | Description |
---|---|
CGSDW-11327 | Resolved an issue where old records in the ARP table were not being removed. |
CGSDW-12299 | Resolved an issue where the PDN selection for custom APN was not following the designated IP address type. |
CGSDW-16172 | Resolved an issue wherein the ION device with ZBFW was treating the first packet block differently for LAN to LAN and LAN to WAN traffic. |
CGSDW-19237 | Resolved an issue where the FC was crashing due to stack corruption. |
CGSDW-19582 | Resolved an issue of tunnel detection and ADEM operability during the easy onboarding process. |
CGSDW-19674 | Resolved an issue where the fc-monitor, fp-metrics, and fp-scm processes were crashing due to buffer overflow in DPDK. |
CGSDW-19707 | Resolved an issue where the Standard VPN path was not displayed in the list of paths when configured through easy onboarding. |
CGSDW-19778 | Resolved an issue where the blobfish process kept on restarting during remote access of the ION device. |
CGSDW-19834 | Resolved an issue where the TCP connection was not being terminated by the controller during a device reboot. |
CGSDW-20223 | Resolved an issue where the signal strength for the cellular network was displayed incorrectly on the web interface and CLI. |
CGSDW-20649 | Resolved an issue wherein the SNMP daemon process was slowly consuming the memory in the ION device suggesting a possible memory leak. |
CGSDW-20671 | Resolved an issue where incidents related to RADIUS server were raised even when a RADIUS server was not configured. |
Addressed Issues in ION Device Release 6.1.6
The following table lists the issues addressed in
ION Device Release 6.1.6.
Issue ID | Description |
---|---|
CGSDW-10897 | Resolved an issue where the state change events like LLDP flooding was handled that affected multiple processes. |
CGSDW-13397 | Resolved an issue where the FC was crashing during a TCP SYN scan. |
CGSDW-14509 | Resolved an issue where the interface MAC address configuration was out of sync if the address was configured when the interface was down. |
CGSDW-15212 | Resolved an issue where a subinterface on a virtual ION device with DPDK was not passing traffic. |
CGSDW-17031 | Resolved an issue where the fc-monitor process crashed on ION 2000 during port scanning and restart with an out of memory error. |
CGSDW-17571 | Resolved an issue where incorrect WAN path was accounted for in the flows. |
CGSDW-17572 | Resolved an issue where the virtual interface couldn't be used for HA topology in the 6.1.x versions. |
CGSDW-18154 | Resolved an issue where ION 1200-C5G-exp didn't support ION 6.1.5-b1 version. |
CGSDW-18158 | Resolved an issue where dot1xmgr process was consuming high CPU in the ION 1200-S device. |
CGSDW-18164 | Resolved an issue where the FC was crashing due to a VPN interface being mapped to multiple VPN links. |
CGSDW-18252 | Resolved an issue where the cellular failover to another SIM degraded the performance until a device reboot, modem restart or radio restart was performed. |
CGSDW-18350 | Resolved an issue where the ION device was dropping LAN-to-LAN traffic due to security policy configuration. |
CGSDW-18490 | Resolved an issue where the FC was crashing when the security policy rules list counter exceeded 256. |
CGSDW-18768 | Resolved an issue where FC crashed due to ingress QoS. |
CGSDW-18816 | Resolved an issue of interface flapping on the ION device after a device software upgrade. |
CGSDW-18876 | Resolved an issue where the SNMP agent on the ION device was restarting with multiple error logs. |
CGSDW-18982 | Resolved an issue where fp-rte process crashed due to an exception packet. |
CGSDW-19015 | Resolved an issue where the ION device was not able to process large packets on the ION 1000, 2000, and 3000 platforms. |
CGSDW-19043 | Resolved an issue that was causing the fp-rte process to crash on using the clear user-app-session command multiple times. |
CGSDW-19044 | Resolved an issue where the ION device was blocking the flow for a custom application due to flow re-classification. |
CGSDW-19102 | Resolved an issue where the FC crashed on ION 9200 due to large number of security rules. |
CGSDW-19206 | Resolved an issue where the device interface was flapping with 1000/Full-Cisco switch and 100/10 Full config. |
CGSDW-19255 | Resolved an issue where the fp-rte process was crashing when the RTE memzone limits were exceeded. |
CGSDW-19353 | Resolved an issue where Path App Prefix Stats can be avoided for network scan. |
CGSDW-19473 | Resolved an issue of FC restarting after 3 days of running scan tests on interfaces. |
CGSDW-19493 | Resolved an issue where the health events prefix shows the prefix in reverse order. |
Addressed Issues in ION Device Release 6.1.5
The following table lists the issues addressed in
ION Device Release 6.1.5.
Issue ID | Description |
---|---|
CGSDW-3841 | Resolved an issue where a DC ION device was not advertising BGP prefixes learnt from the branch LAN peer to the core peer after an HA switchover. |
CGSDW-8622 | Resolved an issue in which the rtr-manager process was constantly restarting. |
CGSDW-11150 | Resolved an issue where there could be a possibility of malicious command injections through the ION device CLI. |
CGSDW-11384 | Resolved an issue where static route polling was failing after 18 hours. |
CGSDW-11581 | Increased the concurrent flow support of the ION-1200-S device to 40,000. |
CGSDW-12698 | Resolved an issue where the branch ION device wasn't passing ICMP traffic originating from a DC ION device to a non-CGNX prefix from WAN to LAN. |
CGSDW-13805 | Resolved an issue wherein received BGP routes were getting filtered in case of uneven route lengths. |
CGSDW-14342 | Resolved an issue where branch to branch VPNs could not be created for the ION 1200-S device. |
CGSDW-15027 | Resolved an issue where the SNMP interface bandwidth was being reported incorrectly after upgrading the device software version from 5.6.x. |
CGSDW-15039 | Resolved an issue where the domain names were not displayed for Applications on the Flows tab. |
CGSDW-15238 | Resolved an issue where the fp-metrics process was crashing on clearing flows on the ION device during traffic flow. |
CGSDW-15257 | Resolved an issue wherein previously reachable prefixes from a DC ION device became unreachable after upgrading the device software to version 6.1.2. |
CGSDW-15393 | Addressed an issue where the Advertised auto-negotiation mode duplex setting was erroneously set to Yes following a reboot of the ION device through the web interface. |
CGSDW-15529 | Resolved an issue where the per BGP peer statistics table did not have any data. |
CGSDW-15623 | Resolved an issue where the FC process was restarting on the ION device. |
CGSDW-15663 | Resolved an issue where the thmgr process did not start after upgrading the device software version. |
CGSDW-15828 | Resolved an issue where the alarm for Power Supply Unit (PSU) removal was not working for the ION 5200 and 9200 devices. |
CGSDW-15868 | Resolved an issue wherein high memory consumption by the ADEM process was causing other processes to crash and device to reboot. |
CGSDW-16003 | Resolved an issue where the FC was crashing due to the ADEM process. |
CGSDW-16005 | Resolved an issue where the app-engine was crashing on an ION 2000 device during continuous traffic flow. |
CGSDW-16269 | Resolved an issue where high payload traffic sent over Private WAN VPN with a high throughput was dropping. |
CGSDW-16280 | Resolved an issue wherein the DC ION device did not forward traffic to the mgmt-vlan prefix if the management port of the core switch went down. |
CGSDW-16717 | Resolved an issue where the fp-rte process was crashing if the packet size was larger than 16384. |
CGSDW-16839 | Resolved an issue where the app-engine was consuming high memory during high traffic flows. |
CGSDW-17138 | Fixed a BGP attribute that was seen as corrupted. |
CGSDW-17418 | Resolved an issue where the ION 5200 and 9200 devices were unable to handle oversize packets. |
Addressed Issues in ION Device Release 6.1.4
The following table lists the issues addressed in
ION Device Release 6.1.4.
Issue ID | Description |
---|---|
CGSDW-13982 | Provided an option to disable tunnel reoptimization based period tunnel latency checks. |
CGSDW-14737 | Resolved an issue where the Local AS # was not getting updated correctly in the BGP configuration. |
CGSDW-14766 | Resolved an issue wherein the configuration for a BGP peer wasn't removed on deleting the BGP peer. |
CGSDW-14980 | Resolved an issue where custom applications with L3/L4 prefixes were not detected when used in security policies. |
CGSDW-15201 | Resolved an issue where the ingress capacity bandwidth calculation was displaying as zero for some WAN links. |
CGSDW-15258 | Resolved an issue where the device went offline intermittently due to restart of the FC process. |
CGSDW-15339 | Resolved an issue wherein FC crashes were occurring due to a high volume of subinterfaces. |
CGSDW-15661 | Resolved an issue where memory leak was observed in the VPN process. |
CGSDW-15969 | Resolved an issue where the subinterface was operational in spite of shutting down the remote parent interface on the 1200-S/3200/5200/9200 platforms. |
Addressed Issues in ION Device Release 6.1.3
The following table lists the issues addressed in
ION Device Release 6.1.3.
Issue ID | Description |
---|---|
CGSDW-5513 | Resolved an issue where domains were missing for applications on the Flow Browser page on the web interface. |
CGSDW-8227 | Resolved an issue that caused the system routes to disappear during a switchover in a branch high availability (HA) deployment. |
CGSDW-9421 | Resolved an issue where bandwidth statistics were occasionally not displayed correctly. |
CGSDW-9643 | Resolved an issue where the branch ION device was going offline or was being disconnected from the controller intermittently whenever IPv6 addresses were present in the DNS responses for ION device internal services. |
CGSDW-11086 | Resolved an issue where an incorrect DNS entry was being sent to the controller. |
CGSDW-11155 | Resolved an issue wherein the FC was crashing due to insufficient memory. |
CGSDW-11472 | Resolved an issue where DC ION devices did not forward traffic to the management VLAN prefixes via the core peer router, if the management port on the core went down. |
CGSDW-11579 | Resolved an issue which prevented deletion of unnecessary configuration on the ION 1000 device. |
CGSDW-11976 | Resolved an issue in which the CPU utilization was reported incorrectly by the ION device. |
CGSDW-12127 | Resolved an issue causing intermittent packet drops for ICMP/PING flows in WAN to LAN traffic from mobile users to a remote branch LAN host. |
CGSDW-12155 | Resolved an issue where some CLI dump commands were failing on virtual ION devices. |
CGSDW-12185 | Resolved an issue where packets were being dropped at the branch site when the TCP ports numbers were re-used between subsequent flows. |
CGSDW-12204 | Resolved an issue where an FC process was crashing on an ION 3000 device due to insufficient memory. |
CGSDW-12501 | Resolved an issue where an FC process was crashing on an ION 2000 device when trying to forward a flow which was marked for deletion. |
CGSDW-12562 | Resolved an issue where a branch ION device was unable to receive ARP packets on a virtual interface. |
CGSDW-12565 | Resolved an issue where the fp-metrics process was crashing on an ION device due to improper flow clean up. |
CGSDW-12578 | Resolved an issue wherein the FC process was restarting frequently after upgrading the device. |
CGSDW-12741 | Resolved an issue where the FC on the data center ION device was crashing after removing multicast profile on a branch site where no devices were assigned. |
CGSDW-12802 | Resolved an issue where a DHCP server configured on an SVI interface did not work. |
CGSDW-12960 | Resolved an issue where tunnel would not form when using a Virtual Interface on a data center ION device. |
CGSDW-12977 | Resolved an issue that was causing a missing ARP entry for the controller gateway after upgrading to version 5.6.11. |
CGSDW-13412 | Resolved an issue where an FC process was crashing when trying to forward a flow which was marked for deletion. |
CGSDW-13415 | Resolved an issue where the CPU utilization value on the front panel of the device differed from the value on the web interface. |
CGSDW-13424 | Resolved an issue where the flow controller was crashing due to incorrect source prefixes configured in the security policy rule. |
CGSDW-13486 | Resolved an issue where the SNMP agent failed to start after upgrading the ION device. |
CGSDW-13533 | Resolved an issue where the SNMP agent was crashing if the platform did not support certain LLDP MIBs. |
CGSDW-13760 | Resolved an issue where the FC process would restart on ION device version 6.0.1-b70. |
CGSDW-13819 | Resolved an issue of fc-monitor crash, wherein the time taken by the fc-control thread to report to the fc-monitor thread was being incorrectly evaluated. |
CGSDW-14009 | Resolved an issue where the HA LED did not light up. |
CGSDW-14120 | Resolved an issue where the Flow Controller kept on restarting. |
CGSDW-14208 | Resolved an issue where the data center ION device was forwarding traffic incorrectly over MPLS. |
CGSDW-14341 | Resolved an issue where the Flow Controller was crashing frequently due to a security policy on a branch ION device. |
CGSDW-14344 | Resolved an issue where the FC process was crashing when traffic was initiated on an idle ION device. |
Addressed Issues in ION Device Release 6.1.2
The following table lists the issues addressed in
ION Device Release 6.1.2.
Issue ID | Description |
---|---|
CGSDW-7844 | Resolved an issue where the site counter was missing for the Sites page under Manage>Sites. |
CGSDW-8179 | Added support for pagination for the NAT Zone and Interface Bindings pages. |
CGSDW-8754 | Resolved an issue in which the BGP status for a backup ION device displayed as unsynchronized on the web interface. |
CGSDW-9339 | Resolved an issue wherein widgets were not loading on the SASE web interface for a View Only Administrator MSP role. |
CGSDW-9540 | Resolved an issue where the controller would try to alternately connect to the IPv4 address and then the IPv6 address of the VPN interface, when the VPN tunnel was down. |
CGSDW-10641 | Resolved an issue wherein special characters were not allowed in the NTP template names. |
CGSDW-10819 | Resolved an issue in which LLDP packets were flooding out of the bypass pair for switching platforms. |
CGSDW-10905 | Resolved an issue where a standard VPN tunnel may flap during the IKE rekey process. |
CGSDW-11059 | Resolved an issue where the API call for a device bulk configuration query for a greenfield tenant would return an invalid Tenant API version error. |
CGSDW-11326 | Resolved an issue where the ION device interfaces did not display after upgrading the ION device from device version 5.6.5 to 6.0.1-b70. |
CGSDW-11378 | Resolved an issue wherein multicast could not be enabled on the peer with network configured interfaces with a private WAN label attached for a data center ION device. |
CGSDW-11997 | Resolved an issue where UDP sessions were timing out causing packet drops. |
Addressed Issues in ION Device Release 6.1.1
The following table lists the issues addressed in
ION Device Release 6.1.1.
Issue ID | Description |
---|---|
CGSDW-8982 | Resolved an issue where the tcpdump command did not display the expected packets for sub-interfaces. |
CGSDW-9331 | Resolved an issue where the All Roles filter for Branch and Data Center sites on the ManageDevices page was not working. |
CGSDW-9369 | Resolved an issue wherein the Edit and Delete buttons were not visible on the DHCP Servers page on the Prisma SASE web interface. |
CGSDW-9379 | Resolved an issue wherein remote login to the ION device for CLI access was failing. |
CGSDW-9806 | Resolved an issue where the configuration was not getting pushed to the ION device from the controller, leading to a condition where the ION device ports were not displayed correctly when using CLI commands. |
CGSDW-9947 | Resolved an issue where the 2.3 version of the API for monitoring metrics returned a 403 error. |
CGSDW-10086 | Resolved an issue where the Rtr-mgr would leak memory and eventually run out of memory. |
CGSDW-11155 | Resolved an issue wherein the FC was crashing due to insufficient memory. |