PAN-OS 11.2.7-h1 Addressed Issues
Focus
Focus

PAN-OS 11.2.7-h1 Addressed Issues

Table of Contents

PAN-OS 11.2.7-h1 Addressed Issues

PAN-OSĀ® 11.2.7-h1 addressed issues.
Issue ID
Description
PAN-294436
Fixed an issue where polling failed for ethernet interfaces due to the physical port counters read from the MAC being 0.
PAN-293842
Fixed an issue where the hybrid-SWG service proxy stopped working after upgrading to PAN-OS 11.1.6-h13 due to the firewall failing to establish the listening interface.
PAN-293673
Fixed an issue where the firewall stopped all tasks due to an OOM condition caused by a scheduled log export using FTP to an external FTP server.
PAN-292503
Fixed an issue on the firewall where the source and destination NAT IP addresses did not display in traffic and threat logs.
PAN-291060
Fixed an issue where commits failed due to the configured connected gateway IPv6 address in the NAT64 policy exceeding the 31 character limit.
PAN-290996
Fixed an issue where SNMP walks returned a value of 0 for the CPS (Connections Per Second) per vsys on firewalls after upgrading to PAN-OS 11.1.6-h3, even when active connections were present.
PAN-290088
Fixed an issue where a memory leak occurred related to the configd process when pushing configurations from Panorama to a firewall. This occurred when the configurations contained shared policy rules.
PAN-289714
(Prisma Access only) Fixed an issue where persistent commit failures occurred due to a missing transformation script when downgrading from PAN-OS 10.2.0 to PAN-OS 10.1.0.
PAN-289268
Fixed an issue where internet access through Secure Web Gateway (SWG) proxy nodes did not work when the default internet access policy rule source user was not known-user.
PAN-288939
Fixed an issue where the logrcvr process stopped responding due to an invalid SSL context being used for socket communication, which caused commits to fail.
PAN-284878
(Firewalls in active/passive HA configurations only) Fixed an issue where commits failed due the useridd process restarting.
PAN-284003
Fixed an issue where clients did not receive a valid response when when searching a website due to a compression error.
PAN-280409
Fixed an issue where the popup window did not appear as expected for Clientless VPN users.
PAN-279901
Fixed an issue where the firewall dropped client hello packets when decryption was enabled, which prevented access to certain websites. This occurred when the client hello packet was truncated, the accumulation proxy assumed that the first packet contains at least 5 bytes, or out-of-order packets were waiting in L4 TCP.
PAN-279690
Fixed an issue where the the all_pktproc process stopped responding, which caused the firewall to unexpectedly restart.
PAN-279415
Fixed an issue where service routes configured to use a data plane interface incorrectly used the management plane interface for traffic transmission. This issue affected syslog and CRL status traffic when a custom service route was not configured.
PAN-276616
Fixed an issue on the firewall where half-duplex settings on Ethernet were not visible.
PAN-271810
Fixed an issue where auto-negotiation advertised and negotiated 10/100 half and full duplex.
PAN-268787
Fixed an issue where users were unable to log in to Panorama and the following error message was displayed: Timed out while getting config lock. Please try again. This occurred when pushing configurations to a large number of devices.
PAN-255860
(PA-5200 firewalls only) Fixed an issue where the all_pktproc process stopped responding when the firewall was under a heavy traffic load.
PAN-252706
Fixed an issue where the URL filtering response page for Continue and Override did not work with IPv6 Router Advertisement (RA) or Multicast Listener Query (MLQ) for IPv6-to-IPv6 and IPv6-to-IPv4 traffic.