End-of-Life (EoL)
PAN-OS 7.1.15 Addressed Issues
PAN-OS® 7.1.15 addressed issues
The following table lists the issues that are addressed
in the PAN-OS® 7.1.15 release. For new features, associated software
versions, known issues, and changes in default behavior, see PAN-OS 7.1 Release Information.
Before you upgrade or downgrade to this release, review the information in Upgrade to PAN-OS 7.1.
Starting with PAN-OS 7.1.5, all unresolved known issues
and any newly addressed issues in these release notes are identified
using new issue ID numbers that include a product-specific prefix.
Issues addressed in earlier releases and any associated known issue
descriptions continue to use their original issue ID.
Issue ID | Description |
---|---|
PAN-89936 | A security-related fix was made to prevent
the decryption of captured sessions through the ROBOT attack (CVE-2017-17841). |
PAN-88341 | Fixed an issue where VM-Series firewalls intermittently
dropped fragmented traffic. |
PAN-87205 | Fixed an issue where a firewall in FIPS/CC
mode intermittently switched to maintenance mode. |
PAN-87145 | Fixed an issue where importing a firewall configuration
into a Panorama management server deleted certain Panorama shared
objects. |
PAN-86676 | Fixed an issue on firewalls configured as DHCP
servers and deployed in a high availability (HA) configuration where,
after HA failover, commits failed and the following error message
displayed: Management server failed to send phase 1 to client dhcpd. |
PAN-86226 | Fixed an issue on PA-5000 Series firewalls
running PAN-OS 7.1.12 or a later 7.1 release where insufficient
proxy memory caused decryption failures and prevented users from
accessing the GlobalProtect portal or gateway. |
PAN-85055 | Fixed an issue where firewalls dropped TCP/UDP-based
application traffic over a GlobalProtect VPN tunnel in high latency
networks. |
PAN-84856 | Fixed an issue where the firewall misidentified
Signiant-based traffic as HTTP-proxy traffic and therefore did not
apply policy correctly to that traffic. |
PAN-84808 | Fixed an issue where high packet-descriptor
utilization caused the firewall to drop traffic over an IPSec tunnel
that used the Authentication Header protocol for key exchange. |
PAN-84752 | Fixed an issue where the firewall rebooted
repeatedly because the User-ID process (userid) stopped responding
after you committed a Mobile Security Manager (MDM) configuration
that failed to connect the firewall to the MDM (Network > GlobalProtect
> MDM). |
PAN-84219 | Fixed an issue on PA-7000 Series firewalls
where the logrcvr process had a memory leak. |
PAN-82957 | Fixed an issue where firewalls did not send
queries for updated user mappings to User-ID agents; instead, the
firewalls waited until the agents learned and forwarded new user
mappings. By default with this fix, the firewall sends queries to
the User-ID agents for unknown users. You can turn off the queries
by running the persistent CLI command debug user-id query-unknown-ip
off. |
PAN-82321 | Fixed an issue where the firewall rebooted
because the User-ID process (useridd) stopped responding after you
performed clone or shutdown operations on VMware vCenter. |
PAN-82197 | Fixed an issue where a Denial of Service (DoS)
attack resulted in high CPU utilization on the firewall because
it centralized session distribution on a single core instead of
over all the cores. |
PAN-82151 | Fixed an issue where the Panorama virtual appliance
in Legacy mode intermittently stopped processing logs, which caused
its firewall connections to flap. |
PAN-81171 | Fixed an issue where firewalls that performed
SSL decryption slowed the download of large files over HTTPS on
macOS endpoints. |
PAN-81100 | Fixed an issue on the firewall and Panorama
management server where a memory leak caused several operations
to fail, such as commits, FQDN refreshes, and content updates. |
PAN-81050 | Fixed an issue on M-Series appliances and PA-7000
Series firewalls where the disk-failed, disk-faulty, and pair-disappeared
RAID events had only a medium severity level in System logs. With
this fix, these events have a critical severity level. |
PAN-80687 | Fixed an issue where the firewall dataplane
restarted because the all_pktproc process suddenly started losing
heartbeats. |
PAN-80055 | Fixed an issue where using the PAN-OS XML API
to collect User-ID mappings caused slow responsiveness in the firewall
web interface and CLI. |
PAN-79247 | Fixed an issue where the firewall did not apply
your changes in host information profile (HIP) objects and profiles
to Security policy rules and HIP Match logs unless GlobalProtect
clients reconnected to the GlobalProtect gateway. |
PAN-79167 | Fixed an issue on the Panorama management server
where the members count became zero for all existing shared address
groups after you imported a firewall configuration. |
PAN-77973 | Fixed an issue where the passive firewall in
an active/passive HA deployment lost HA session updates when the
active peer had a heavy processing load. |
PAN-77648 | Fixed an issue where the show system state
filter-pretty sw.dev.interface.config CLI command did not display
the MAC address (hwaddr) or maximum transmission unit (mtu) for
aggregate Ethernet interfaces. |
PAN-76358 | Fixed an issue on firewalls in an active/passive
HA configuration where rebooting the passive HA peer caused its
interfaces to flap. |
PAN-75349 | Fixed an issue where WF-500 appliances returned
an error after 18 lines when you ran an SNMP query with a Palo Alto
Networks private enterprise OID. |
PAN-68878 | Fixed an issue where firewalls in an active/active
HA configuration sent data packets out of order. |
Recommended For You
Recommended Videos
Recommended videos not found.