>
    Limitations in PAN-OS 10.2
    Focus
    Download PDF
    Focus
    1. Home
    2. PAN-OS
    3. Limitations
    4. Limitations in PAN-OS 10.2
    Download PDF

    Limitations in PAN-OS 10.2

    Table of Contents

    Limitations in PAN-OS 10.2

    What are the limitations related to PAN-OS 10.2 releases?
    The following are limitations associated with PAN-OS 10.2.
    Issue ID
    Description
    PAN-215869
    PAN-OS logs (
    Monitor
    Logs
    ) experience a significant delay before they are displayed if NetFlow (
    Device
    Server Profiles
    NetFlow
    ) is enabled on an interface (
    Network
    Interface
    ). This may result in log loss if the volume of delayed logs exceeds the logging buffer available on the firewall.
    The following firewalls are impacted:
    • PA-410, PA-440, PA-450, and PA-460 Firewalls
    • PA-800 Series Firewalls
    • PA-3200 Series Firewalls
    • PA-3400 Series Firewalls
    PAN-207505
    This issue is now resolved. See PAN-OS 11.0.0 Addressed Issues
    .
    Email schedules (
    Monitor
    PDF Reports
    Email Scheduler
    ) are not supported for SaaS Application Usage (
    Monitor
    PDF Reports
    SaaS Application Usage
    ) reports.
    PAN-205166
    (
    PA-440, PA-450, and PA-460 firewalls only
    ) The CLI does not display system information about the power supply when entering the
    show system environmentals
     command. As a result, the CLI cannot be used to view the current status of the power adapter.
    Workaround:
     To manually interpret the status of the firewall's power adapter, verify that your power cable connections are secure and that the LED on the power adapter is on. If the LED is not illuminated even though the power cable connections are secure, your power adapter has failed.
    PAN-190811
    This issue is now resolved. See
    PAN-OS 10.2.2 Addressed Issues
    .
    (
    PA-5450 only
    ) Log interfaces must be configured to ensure they are not in the same subnetwork as the management interface. Configuring both interfaces in the same subnetwork can cause connectivity issues and result in the wrong interface being used for log forwarding.
    PAN-187390
    (
    PA-220 only
    ) An SD-WAN deployment on a PA-220 firewall has a performance degradation of approximately 30%.
    PAN-181823
    On a PA-5400 Series firewall (minus the PA-5450), setting the peer port to forced 10M or 100M speed causes any multi-gigabit RJ-45 ports on the firewall to go down if they are set to Auto.
    PAN-181229
    On the Panorama management server, a
    Shared
     tag (
    Objects
    Tags
    ) cannot be applied to a
    Shared
     application filter (
    Objects
    Application Filters
    ).
    PAN-174784
    Up to 100,000 daily summary logs can be processed for Scheduled and Run Now custom reports (
    Monitor
    Manage Custom Reports
    ) when configured for the last calendar day. This can result in the generated report not displaying all relevant log data generated in the last calendar day.
    PAN-172144
    On a Panorama management server deployed on VMware ESXi that is managing Dedicated Log Collectors, filtering traffic logs (
    Monitor
    Logs
    Traffic
    ) using the
    (time_generated_geq)
     filter does not return results for the specified
    Generate Time
     if the Dedicated Log Collectors are in different time zones.
    Workaround:
     Configure the same time zone for the Dedicated Log Collectors you are querying.
    1. Log in to the Log Collector CLI.
    2. Set the time zone for the Dedicated Log Collector.
      admin>
       
      configure
      admin#
       
      set deviceconfig timezone <time_zone>
      admin#
       
      commit

    Recommended For You

    © 2023 Palo Alto Networks, Inc. All rights reserved.