PAN-OS 10.2.15 Addressed Issues
Focus
Focus

PAN-OS 10.2.15 Addressed Issues

Table of Contents

PAN-OS 10.2.15 Addressed Issues

PAN-OSĀ® 10.2.15 addressed issues.
Issue ID
Description
PAN-288930
Fixed an issue where, when ACE was enabled, traffic from cloud applications randomly matched an incorrect cloud-apps policy rule.
PAN-287765
Fixed an issue where SAML authentication failed, which caused the GlobalProtect client to repeatedly attempted to reconnect.
PAN-284116
Fixed an issue where mTLS decryption bypass did not work when the decryption profile was configured with the maximum TLS version as TLS 1.3.
PAN-283813
Fixed an issue on Panorama where the web interface performance was slower than usual when retrieving read-only configurations from Panorama.
PAN-283467
(PA-3400 Series firewalls only) Fixed an issue where the firewall unexpectedly rebooted and entered maintenance mode due to a ctd-agent out-of-memory (OOM) condition. This occurred during advanced services load testing and a high volume of IoT EAL log forwarding.
PAN-283331
Fixed an issue where selective pushes to managed devices failed when the User ID Master Device was configured.
PAN-282633
Fixed an issue where the interface statistic counters were reset, which caused negative values to be reported.
PAN-282607
Fixed an issue where the DHCP process stopped responding when the firewall was configured as a DHCP relay agent.
PAN-282394
Fixed an issue where a firewall was only able to display a maximum of 14 permitted IP addresses from a Panorama Template Variable.
PAN-282391
Fixed an issue on Panorama where a memory leak occurred after cloning a template, resulting in an increase in memory use, which caused OOM errors.
PAN-282359
Fixed an issue where the Panorama web interface was slower than expected.
PAN-280698
Fixed an issue where the firewall removed the TCP timestamp from client hello messages that did not fit in a single packet, which resulted in connection issues.
PAN-279495
Fixed an issue where accessing a URL from the browser returned the error message ERR_RESPONSE_HEADERS_TRUNCATED when the firewall was configured with TLS 1.3.
PAN-279400
Fixed an issue where, when Restrict Certificate Extensions was enabled on decryption profiles, the basic constraints extension was overwritten incorrectly.
PAN-279336
Fixed an issue where the CLI did not display a message to commit prior changes before loading a partial configuration.
PAN-278190
Fixed an issue on Panorama where a scheduled report with SLS data had an invalid translated-query.
PAN-278150
Fixed an issue where the firewall removed the Authentication Key Identifier (AKID) from the certificate during SSL decryption, which caused Python 3.13 to fail with a certificate verification error.
PAN-277755
Fixed an issue that caused the request system private-data-reset CLI command to fail.
PAN-277417
Fixed an memory leak issue related to TLS inbound decryption.
PAN-276964
Fixed an issue where the logrcvr process stopped responding when the firewall was booted up.
PAN-276678
Fixed an issue where Panorama became unresponsive while performing a dynamic address update without a lock.
PAN-274697
Fixed an issue where push operations from Panorama failed on passive firewalls when an application was removed from a Security policy rule and the policy rule was referenced in a device group.
PAN-274569
Fixed an issue where the QSPF transceiver interface displayed an incorrect range figure on the temperature alarm.
PAN-274496
Fixed an issue where the root partition reached 100% which caused the system to become non-functional and failover even when aggressive cleaning was enabled.
PAN-273141
Fixed an issue where GlobalProtect clients experienced slow file transfer download throughput when passing through an IPSec tunnel.
PAN-273008
(PA-5400 firewalls only) Fixed an issue where frequent BGP/BFD flaps occurred and HA2 keep-alives went down.
PAN-272812
Fixed an issue where SNMP monitoring of tunnel interfaces displayed zero values for received bytes and packets.
PAN-272505
Fixed an issue where GlobalProtect cookie authentication failed with the error User is not in allow list.
PAN-269956
Fixed an issue where the all_pktproc process stopped responding, which caused internal path monitor failures.
PAN-269700
Fixed an issue where commits to service connection firewalls from Panorama failed.
PAN-268465
Fixed an issue with firewalls in active/passive HA configurations where the total user count in the registered users was different between the active and passive firewall.
PAN-267580
Fixed an issue where an External Dynamic List (EDL) IP address in an unsupported format was recognized as valid on the firewall.
PAN-267444
Fixed an issue where large file downloads or uploads failed or remained in an incomplete state when using DLP HTTP2 mirror mode.
PAN-262372
Fixed an issue where the firewall generated the error message Successfully generating a new set of config files in the system logs even when device telemetry was not enabled.
PAN-261429
Fixed an issue where the show auth radius-require-msg-authentic command CLI displayed no output.
PAN-255914
(VM-Series firewalls on Amazon Web Services (AWS) environments only) Fixed an issue where a newly bootstrapped firewall required a management server restart, relicensing, or license push from Panorama to invoke the device certificate.
PAN-255547
Fixed an issue where commits failed when importing configurations to a device with a non-default master key.
PAN-252370
Fixed an issue where services with the reserved keyword application-default were allowed.
PAN-241295
Fixed an issue where Panorama pushed permitted IP address lists were editable on the firewall.
PAN-241230
Fixed an issue where the SNMP get request status value for Panorama connections was incorrect.
PAN-237294
Fixed an issue where the interface rate counter intermittently went to zero frequently.
PAN-236672
The automated commit recovery feature default iteration and timeout values have changed. The default iteration value has changed from 1 to 5 seconds, and the timeout value has changed from 10 to 30 seconds.
PAN-215232
Fixed an issue on Panorama where the GlobalProtect app version was displayed incorrectly in the ACC tab.
PAN-206158
Fixed an issue on the web interface where the OK button was enabled when Region > Address had an invalid value.
PAN-201298
Fixed an issue where unknown TCP traffic caused errors and high shared memory usage.