Fixed an issue where, after manually creating a device telemetry bundle, the hour_cli_output.txt file within the bundle had a file size of 0 bytes. This occurred when checking the bundle content after enabling device telemetry and setting the device telemetry upload endpoint.

Fixed an issue on Panorama where the debug system reset-ztp CLI command was unavailable.

Fixed an issue where, when SD-WAN Direct Internet Access was configured and traffic traversed the cellular interface without a NAT policy rule, intermittent cellular modem connectivity issues occurred, which caused the firewall to disconnect and reconnect to the cellular network. To use this fix, run the CLI command set session teardown-upon-fwd-zonechange yes.

Fixed an issue where the firewall experienced extended boot times after a reboot due to the configd process needing to rebuild the ACE catalog after detecting discrepancies that were caused by duplicate application checking between the ACE catalog and content.

Fixed an issue where, after upgrading to an affected PAN-OS release, the Visible Virtual System field referenced the vsys name instead of the vsys ID, which caused inter-vsys routing to fail. This occurred when a vsys display name matched one of the vsys IDs. If you're using a multivsys environment, you must upgrade your firewalls to a fixed PAN-OS version. The best practice is to upgrade both the firewalls and Panorama to a fixed PAN-OS version.

If you don't upgrade Panorama to a fixed version, you'll encounter PAN-245064, where a commit on a multivsys firewall fails with the message vsys name should end with a number vsys is invalid after you Export or push device config bundle from 11.1.1 Panorama.

After you upgrade Panorama to a fixed version, you'll encounter PAN-214177, which causes an Export or Push device config bundle from Panorama to the firewall to fail. The workaround for PAN-214177 is to first push only the template configuration and then push the device group configurations.

(PA-1410 Firewalls only) Fixed an issue where the firewall experienced high management CPU usage and repeatedly rebooted when attempting to retrieve SMART data.

Fixed an issue where the firewall rebooted due to the useridd process repeatedly restarting during an IP-port data type writes to the redis from multiple sources such as TSA or XML in a scale environment.

Fixed an issue on the firewall where BGP peers disconnected due to frr_ns1_bgpd restarting.

Fixed an issue where Panorama did not display data in the Feature Adoption tab in Strata Cloud Manager due to the system creating and deleting a CLI user for each interval instead of reusing a permanent CLI user for telemetry.

Fixed an issue where the firewall established multiple TCP connections to a syslog server, which caused logs to be dropped. This occurred because the firewall established a new TCP session for each transfer and the sessions were not closed, which resulted in a continuous increase in connections over time.

Fixed an issue on Panorama appliances and Log Collectors where, after an upgrade, Elasticsearch intermittently entered into a Red state before automatically recovering.

Fixed an issue where a memory leak occurred on the reportd process when a WildFire update was initiated while device telemetry data collection was in progress. This resulted in an OOM condition.

Fixed an issue on Panorama where API jobs failed with the error message Server error: Timed out while getting config lock. This occurred due to slow set request performance when setting a large number of address objects in a single set call.

Fixed an issue where NAT pool leaks occurred during a test when RTSP traffic hit NAT rules.

Fixed an issue where the firewall did not display VPC endpoints when there was a large amount of VPC endpoints to interface mappings.

Fixed an issue where the reportd process stopped responding with a SIGSEGV at schedule_report_es_response.

Fixed an issue where the routed process core failed the automation run.