PAN-OS 10.1.10 Addressed Issues
PAN-OSĀ® 10.1.10 addressed issues.
Issue ID | Description |
---|---|
PAN-217431 | ( PA-5400 Series firewalls with DPC (Data Processing Cards) only ) Fixed an issue with
slot 2 DPCs where URL Filtering did not work as expected after
upgrading to PAN-OS 10.1.9. |
PAN-217284 | Fixed an intermittent issue where an LACP flap occurred when the LACP transmission rate was set
to Fast . |
PAN-216996 | Fixed an issue where, after upgrading Panorama to PAN-OS 10.1.9, multiple User-ID alerts were generated every 10 minutes. |
PAN-216710 | Fixed an issue with firewalls in active/active HA configurations where GlobalProtect disconnected
when the original suspected active-primary firewall became
active-secondary. |
PAN-216656 | Fixed an issue where the firewall was unable to fully process the user list from a child group when the child group contained more than 1,500 users. |
PAN-216366 | Fixed an issue where, when custom signatures used a certain syntax,
false positives were generated on devices on a PAN-OS 10.0
release. |
PAN-215503 | Fixed a memory related issue where the
MEMORY_POOL address was mapped
incorrectly |
PAN-215125 | Fixed an issue where false negatives occurred for some script samples. |
PAN-214624 | Fixed an issue where the logrcvr process stopped responding. |
PAN-213463 | ( PA-5200 Series firewalls only ) Fixed an issue where unplugging a PAN-SFP-CG transceiver from an interface with its link speed setting set to 1000 caused the firewall to incorrectly read that interface as up. |
PAN-212848 | Fixed an issue where attempting to change the disk-usage cleanup threshold to 90 resulted in the error message Server error : op command for client dagger timed out as client is not available . |
PAN-212530 | Fixed an issue on log collectors where the root partition reached 100% utilization. |
PAN-211997 | Fixed an issue where large OSPF control packets were fragmented, which caused the neighborship to fail. |
PAN-211602 | Fixed an issue where, when viewing a WildFire Analysis report via the web interface, the
detailed log view was not accessible if
the browser window was resized. |
PAN-211441 | Fixed a memory leak issue related to SSL crypto operations that resulted in failed commits. |
PAN-211422 | Fixed an issue where the show session packet-buffer-protection buffer-latency CLI command randomly displayed incorrect values. |
PAN-211242 | Fixed an issue where missed heartbeats caused the Data Processing Card (DPC) and its corresponding Network Processing Card (NPC) to restart due to internal packet path monitoring failure. |
PAN-211150 | Fixed an issue on Panorama where users with custom admin roles were incorrectly unable to view SSH profiles even when it was permitted in the custom role. |
PAN-210921 | ( Panorama appliances in Legacy Mode only ) Fixed an issue where Blocked
Browsing Summary by Website in the user activity
report contained scrambled characters. |
PAN-210919 | Fixed an issue where the Data Processing Card remained in a Starting state after a restart. |
PAN-210738 | Fixed an issue where fragmented UDP packets were dropped. |
PAN-210661 | Fixed an issue where firewalls disconnected from Cortex Data Lake due to a missing key file after renewing the device certificate. |
PAN-210654 | Fixed an issue with firewalls on active/passive HA configurations GlobalProtect where users were
disconnected after HA failover. |
PAN-210563 | Fixed an issue on Panorama where Security policy rules with a Tag target
did not appear in the pre-rule list of a Dynamic Address Group that
was part of the tag. |
PAN-210397 | Fixed an issue on Panorama where VM-Series firewalls in HA configurations hosted on Amazon Web
Services (AWS) were not displayed under Deploy Master
Key . |
PAN-210236 | Fixed an issue where the Templates list was not displayed under the Location drop-down for commit or configuration locks. |
PAN-210216 | A debug command was added to address an issue with firewalls in high availability configurations. |
PAN-210158 | ( CN-Series firewalls only ) Fixed an issue where the dataplane stopped responding after a container restart. |
PAN-210000 | Fixed an issue where, when traffic and threat logs exceeded the threshold of 90% total allowed
size, alarms were not generated for other log types. |
PAN-209872 | Fixed an issue where dataplane ports responded to ICMP requests fewer than 64 bytes with nonzero
padding bytes in the ICMP response. |
PAN-209696 | Fixed an issue where link-local address communication for IPv6, BFD, and OSPFv3 neighbors was dropped when IP address spoofing check was enabled in a Zone Protection profile. |
PAN-209683 | Fixed an issue where Panorama was unable to retrieve IP address-to-username mapping from a firewall on a PAN-OS 8.1 release. |
PAN-209617 | Fixed an issue with firewalls in active/passive HA configurations where the passive firewall created an incorrect SCTP association due to the HA sync messages from the active firewall having an incorrect value. |
PAN-209501 | Fixed an issue where the GlobalProtect logdb quota was not displayed in the show system logdb quota output. |
PAN-209491 | Fixed an issue on the web interface where the Session Expire Time displayed a past date if the device time was in December. |
PAN-209375 | Fixed an issue on the firewall where log filtering did not work as expected. |
PAN-209108 | Fixed an issue where a Panorama in Management Only mode was unable to display logs from log
collectors due to missing schema files. |
PAN-208930 | ( PA-7000 Series firewalls only ) Fixed an issue where autotagging in log forwarding did
not work. |
PAN-208902 | Fixed an issue where, when a client sent a TCP/FIN packet, the firewall displayed the end reason as aged-out instead of tcp-fin . |
PAN-208877 | Fixed an issue where the all_task process stopped responding when freeing the HTTP/2
stream, which caused the dataplane to go down. |
PAN-208792 | Fixed an issue where authentication failed when the service route for RADIUS traffic was configured as use default for IPv4 addresses and included the dataplane interface as the destination route. |
PAN-208526 | Fixed an issue where API calls did not display tunnel info. |
PAN-208485 | Fixed an issue where NAT policies were not visible on the CLI if they contained more than 32 characters. |
PAN-208438 | Fixed an issue on Panorama where Security policy rules incorrectly displayed as disabled. |
PAN-208325 | ( PA-5400 Series, PA-3400 Series, PA-400 Series only, and PA-5450
firewalls only ) Fixed an issue where the firewall was
unable to automatically renew the device certificate. |
PAN-208316 | Fixed an issue where user-group names were unable to be configured as the source user via the test security-policy-match command. |
PAN-208240 | Fixed an issue where, when attempting to replace an existing certificate, importing a new certificate with the same name as the existing certificate failed due to mismatched public and private keys. |
PAN-208210 | Fixed an issue where changes to the syslog server configuration were not applied without first restarting the management server. |
PAN-208201 | Fixed an issue on the firewall where the modified date and time was incorrectly updated after a commit operation, PAN-OS upgrade, or reboot. |
PAN-208198 | Fixed an issue with firewalls in active/passive HA configurations where, after rebooting the passive firewall, interfaces were briefly shown as powered up, and then shown as down or shutdown. |
PAN-208189 | Fixed an issue where traffic that matched a Security policy rule with FQDN objects resolved with
two IP addresses reached both IP address destinations. |
PAN-208187 | Fixed an issue where REST API requests did not work for GlobalProtect gateway tunnels. |
PAN-208039 | ( PA-7000 Series firewalls with SMC-B only ) Fixed an issue where the details of configuration changes were not included in configuration logs on the syslog server. |
PAN-207741 | Fixed an issue where Large Scale VPN (LSVPN) Portal authentication failed with the error invalid http response. return error(Authentication failed; Retry authentication when the satellite connected to more than one portal. |
PAN-207663 | Fixed a Clientless VPN issue where JSON stringifies caused issues with the application
rewrite. |
PAN-207661 | Fixed an issue with firewalls in active/active HA configurations where the virtual floating IP address configuration under a Panorama template was overridden and displayed From Template Override: undefined as a source. |
PAN-207577 | Fixed an issue where Panorama > Setup > Interfaces was not accessible for users with custom admin roles even when the interface option was selected for the custom admin roles. |
PAN-207562 | Fixed an issue where the shard count displayed by the show log-collector-es-cluster
health CLI command was higher than the
recommended limit. The recommended limit can be calculated with the
formula 20*heap-memory*no-of-data-nodes. |
PAN-207400 | Fixed an issue on Octeon based platforms where fragmented VLAN tagged packets dropped on an aggregate interface. |
PAN-206640 | Fixed an issue where the ikemgr process stopped responding, which
caused IPSec tunnels to go down. |
PAN-206396 | Fixed an issue where HIP report flip and HIP check failed when a user was part of multiple user
groups with different domains. |
PAN-206333 | Fixed an issue where the Include/Exclude IP
filter under Data Distribution did not work
correctly. |
PAN-206268 | Fixed an issue where an authentication key field, even though not supported, was enabled under the Device tab on Panorama. |
PAN-206221 | Fixed an issue where scheduled configuration pushes with Include Device and Network Templates selected did not work. |
PAN-206128 | ( PA-7000 Series firewalls with NPCs (Network Processing Cards) only ) Improved debugging capability for an issue where the firewall restarted due to heartbeat failures and then failed with the following error message: Power not OK . |
PAN-205995 | Fixed an issue where logs from unaffected log collector groups were not displayed when a log
collector was down. |
PAN-205955 | Fixed an issue where RAID rebuilds occurred even with healthy disks and a clean shutdown. |
PAN-205829 | Fixed an issue where logs did not display Host-ID details for GlobalProtect users despite having a quarantine Security policy rule. This occurred due to a missed local cache lookup. |
PAN-205804 | Fixed an issue on Panorama where a WildFire scheduled update for managed devices triggered multiple UploadInstall jobs per minute. |
PAN-205513 | Fixed an issue where the stats dump file generated by Panorama for a device firewall differed from the stats dump file generated by the managed device. |
PAN-205451 | Fixed an issue where the pan_com process stopped responding due to aggressive commits. |
PAN-205369 | Fixed an issue where connections to Cortex Data Lake were initialized from the firewall even when Cortex Data Lake forwarding was disabled. |
PAN-205337 | Fixed an issue in the Run Now section of custom reports where Threat/Content Name displayed in hypertext, and hovering over the text with the mouse displayed the message undefined. |
PAN-205086 | Fixed an issue where DNS Security categories were able to be deleted from spyware profiles. |
PAN-204987 | Fixed an issue where the firewall changed sequence numbers for reused sessions. |
PAN-204718 | ( PA-5200 Series firewalls only ) Fixed an issue where, after upgrading to PAN-OS
10.1.6-h3, a TACACS user login displayed the following error message
during the first login attempt: Could not chdir to
home directory /opt/pancfg/home/user: Permission
denied . |
PAN-204683 | Fixed an issue where logs were unable to be generated due to old logs not getting purged and /opt/panlogs reaching over 100% usage. |
PAN-204420 | ( WF-500 appliances only ) Fixed an issue where, after an upgrade to a PAN-OS 10.1
release, SNMP traps were not sent to the SNMP server. This occurred
due to SNMP trap server settings not being enabled. |
PAN-204233 | Fixed an issue where, when the firewall received a 513 error from the WildFire cloud, the firewall attempted to repeatedly send the same file. |
PAN-203663 | Fixed an issue where administrators were unable to change the password of a local database for users configured as a local admin user via an authentication profile. |
PAN-203655 | Fixed an issue where enabling event-specific traps (Device Setup Operations Miscellaneous SNMP Setup |
PAN-203339 | Fixed an issue where services failed due to the RAID rebuild not being completed on time. |
PAN-203137 | ( PA-5450 firewalls only ) Fixed an issue where HSCI ports did not come up when QSFP DAC cables were used. |
PAN-202981 | Fixed an issue on Panorama where global find did not return results for existing universally unique identifiers (UUID). |
PAN-201855 | Fixed an issue where, after cloning a template, a certificate with the block private key option enabled was corrupted. |
PAN-201839 | Fixed an issue where GlobalProtect HIP matches failed for Mac users due to invalid characters
being present in the subject alternative attributes in the
certificate on the HIP report. |
PAN-201721 | Fixed an issue with firewalls in HA configurations where HA setup generated the error mismatch due to device update during a content update even though the version was the same. |
PAN-201601 | Fixed an issue where the all_task process stopped responding after adding customer hyperscan signatures. |
PAN-201561 | Fixed an issue where LSVPN satellite authentication cookies were not synced across high availability LSVPN portals. |
PAN-201466 | Fixed an issue where the system log generated on GlobalProtect satellite did not provide the
reason for failures to connect to the GlobalProtect portal or
gateway. |
PAN-200676 | Fixed an issue with firewalls in active/passive HA configurations where the user counts in the management plane were not synchronized between the active and the passive firewall. |
PAN-200356 | Fixed an issue where the Elapsed seconds field incorrectly displayed as 0 for DHCP packets coming from the firewall. |
PAN-199687 | Fixed an issue where content updates failed when using prelicensed keys during the bootstrap
process. |
PAN-199557 | Fixed an issue on Panorama where virtual memory usage exceeded the set limit, which caused the configd process to restart. |
PAN-198693 | Fixed an issue where decrypted SSH sessions were interrupted with a decryption error. |
PAN-198453 | Fixed an issue where you were unable to resize the Description pop-up window (Policies > Security > Prerules ). |
PAN-198333 | Fixed an issue where the SaaS PDF report incorrectly displayed the sanctioned application tag count as 1. |
PAN-198043 | Fixed a rare issue where a BuildXmlCache job failed on the
firewall. |
PAN-197388 | Fixed an issue where, when the firewall forwarded Threat logs via email, the email client
truncated the sender and recipient email addresses when they were
put between angle brackets (<, >). |
PAN-197115 | Fixed an issue where, when the total number of in-used HIP Profiles was greater than 32, traffic
from the GlobalProtect Agent did not hit the expected Security
policy rule configured with the HIP Profile even though a HIP Match
log was generated. |
PAN-196597 | Fixed an issue where the dnsproxyd process stopped responding due to corruption. |
PAN-196417 | ( PA-7000 Series firewalls only ) Fixed an issue where firewalls experienced slow SNMP responses, which caused the SNMP server to time out before polling completion. |
PAN-196345 | Fixed an issue where scheduled dynamic content updates failed to be retrieved by managed firewalls from Panorama when connectivity was slow. |
PAN-196003 | Fixed an issue where the Adjust Columns options for Panorama Traffic logs
did not correctly autoadjust the columns. |
PAN-195251 | Fixed an issue where IPSec tunnel re-keying generated the critical log message
tunnel-status-up . |
PAN-194805 | Fixed an issue where scheduled configuration backups to the SCP server failed with the error
message No ECDSA host key is known . |
PAN-193710 | Fixed an issue where running the show interface CLI command caused the pan_comm process to stop responding during a configuration change. |
PAN-193521 | Fixed an issue where Panorama > Device > Deployment > Software did not display software after running check now for managed devices. |
PAN-192739 | Fixed an issue where the error message Machine Learning found virus was displayed in threat CSV logs as Threat ID/Name when WildFire Inline ML detected malware. |
PAN-192681 | Fixed an issue where HIP database storage on the firewall reached full capacity due to the firewall not purging older HIP reports. |
PAN-192417 | Fixed an issue where botnet reports were not generated on the firewall. |
PAN-190903 | Fixed an issue where MAC addresses in threat capture were swapped between the source MAC and destination MAC addresses. |
PAN-189442 | Fixed an issue where the all_pktproc process stopped responding, which caused the
firewall to reboot. |
PAN-189395 | ( PA-400 Series firewalls only ) Fixed an issue where running
a PAN-OS 10.2 release caused dataplane processes to restart
unexpectedly. |
PAN-189441 | Fixed an issue where the pan_comm process repeatedly restarted, which caused commits to fail. |
PAN-189423 | Fixed an issue where exporting correlation logs generated an empty file. |
PAN-189196 | Fixed an issue on the firewall where the DHCP server did not send DHCP NAK packets correctly when
Served Addresses were configured. |
PAN-188403 | Fixed an issue on the web interface where the interzone-default rule hit count was not displayed. |
PAN-187253 | ( PA-400 Series firewalls only ) Fixed an issue where the
*all_task* process stopped repsonding. |
PAN-186956 | Fixed an issue where SD-WAN DIA VIF did not become active if default gateways for the member
interface did not respond to pings. |
PAN-186412 | Fixed an issue where invalid packet-ptr was seen in work entries. |
PAN-186182 | Fixed an issue where software buffer 3 was depleted when URL proxy was enabled and SSL sessions were decrypted to inject the block page. This issue occurred when an HTTP/2 block page was displayed for a large POST request. |
PAN-185770 | Fixed an issue where the firewall displayed the error message Malformed
Request when an email address included an
ampersand ( & ) when configuring an Email server profile. |
PAN-182689 | Fixed an issue where a signature from a previous WildFire package triggered malware detection
even though the signature was no longer present in the current
WildFire package. |
PAN-180655 | Fixed an issue where FTP connections failed when SSL Inbound Inspection was enabled and a
Security Profile was attached to the FTP connection allow policy
rule. |
PAN-172977 | Fixed an issue where session offloading did not occur on a tap interface under a high packet
load. |
PAN-172806 | Fixed an issue that the logrcvr process crashes during the firewall reboots. |
PAN-170414 | Fixed an issue related to an OOM condition in the dataplane, which was caused by multiple panio commands using extra memory. |
PAN-168102 | Fixed an issue where the API format to check heap usage of a node showed a JSON error. |
Most Popular
Recommended For You
Recommended Videos
Recommended videos not found.