PAN-OS 9.1.15 Addressed Issues

PAN-OS® 9.1.15 addressed issues.
Issue ID
Description
PAN-201872
Fixed an issue where SMB performance caused overall network latency after an upgrade.
PAN-201136
Fixed an issue where IGMP packets were offloaded with frequent IGMP Join and Leave messages from the client.
PAN-197859
Fixed an issue where firewalls running LSVPN with tunnel monitoring enabled where, after an upgrade to PAN-OS 9.1.14 or a later PAN-OS release, LSVPN tunnels flapped.
PAN-195628
Fixed an issue that caused the pan_task process to miss heartbeats and stop responding.
PAN-195625
Fixed an issue where authd frequently created SSL sessions, which resulted in a out of memory (OOM) condition.
PAN-194395
Fixed an issue where the firewall dropped all decrypted outbound (SSL Forward Proxy) HTTP/2 traffic after you upgraded to PAN-OS 9.1.14, which caused websites that used HTTP/2 to become inaccessible.
PAN-194025
Fixed an issue where the ikemgr process stopped responding due to a timing issue, which caused VPN tunnels to go down.
PAN-193579
Fixed an issue where new logs viewed from the CLI (show log <log_type>) and new syslogs forwarded to a syslog server contained additional, erroneous entries.
PAN-193132
(
PA-220 firewalls only
) Fixed an issue where a commit and push from Panorama caused high dataplane CPU utilization.
PAN-193008
Fixed an issue that caused the processing of incoming packets to take more time than expected, which caused latency-sensitive traffic and applications timeouts.
PAN-192404
Fixed an issue where ARP broadcasts occurring in the same time interval and network segment as high availability (HA) path monitoring pings triggered an ARP cache request, which prevented the firewall from sending ICMP echo requests to the monitored destination IP address and caused an HA path monitoring failover.
PAN-192052
Fixed an issue where, when next hop MAC address entries weren't found on the offload processor for active traffic, update messages flooded the firewall, which caused resource contention and traffic disruption.
PAN-191726
Fixed an issue where an SCP export of the device state from the firewall added single quotes ( ' ) to the filename.
PAN-191463
Fixed an issue where the firewall did not handle packets at Fastpath when the interface pointer was null.
PAN-191288
Fixed an issue where the firewall restarted due to a dnsproxy process crash.
PAN-191269
Fixed an issue where the NAT pool leaked for passive mode FTP predict sessions.
PAN-189867
Fixed an issue where, when logging in to the GlobalProtect gateway, the authentication cookie was not reused.
PAN-189861
Fixed an issue on firewalls in HA configurations where intermittent system alerts on the active firewall caused the pan_comm process to restart continuously.
PAN-189762
Fixed an issue where a predict session didn't match with the traffic when both source NAT and destination NAT were enabled.
PAN-189414
Fixed an issue where TCP packets were dropped during the first zone transfer when DNS security was enabled.
PAN-189214
Fixed an issue where, when the Advanced Threat Prevention license was present on a firewall without a Threat Prevention license, the antivirus signature update packages that were normally available to install (
Device > Dynamic Updates
) were not displayed.
PAN-189114
Fixed an issue where the dataplane went down, which caused a HA failover.
PAN-188867
Fixed an issue where the firewall dropped packets when the session payload was too large.
PAN-188338
Fixed an issue where canceling a commit caused the commit process to remain at 70% and the firewall had to be rebooted.
PAN-188036
Fixed an issue where SIP TCP sequence numbers were calculated incorrectly when SIP cleartext proxy was disabled.
PAN-186024
Fixed an issue where URL category match did not work for External Dynamic List URLS due to a leak related to the devsrvr process.
PAN-184291
Fixed an issue where the GlobalProtect portal generated a cookie with a domain as NULL instead of empty-domain, which caused users to be identified incorrectly.
PAN-183327
(
Firewalls in HA configurations only
) Fixed an issue where policy based forwarding (PBF) sessions between virtual systems (vsys) weren't pushed to the high availability peer.
PAN-183184
Fixed an issue where enabling SSL decryption with a Hardware Security Model (HSM) caused a dataplane restart.
PAN-182244
Fixed an issue where Session Initiation Protocol (SIP) REGISTER packets did not get transmitted when application-level gateway (ALG) and SIP Proxy were enabled, which caused a SIP-registration issue in environments where TCP retransmission occurred.
PAN-181366
Fixed an issue where the firewall sent an incorrect IP address on ICMP sessions in NetFlow packets when NAT was applied to the target traffic.
PAN-181098
(
PA-800 Series firewalls only
) Fixed an issue where the firewall rebooted during a software install job due to a kernel panic situation.
PAN-180916
Fixed an issue where DNS security caused the (time-to-live) value of the pointer record (PTR) to be overwritten with a value of 30 seconds.
PAN-178243
Fixed an issue where
Shared Gateway
was not visible in the
Virtual System
drop down when configuring a Layer3 aggregate subinterface.
PAN-177562
Fixed an issue where PDF reports were not translated to the configured local language.
PAN-176341
Fixed an issue where a delay to detect when an interface was down after a cable pull caused traffic to be black-holed to the downed link for 10 or more seconds.
PAN-174660
Fixed an issue where the
devsrvr
process stopped responding after a local or Panorama pushed commit. This occurred when a single NAT policy contained more than 64 address objects.
PAN-173437
Fixed an issue where the firewall did not detect that the management port was down the first time after booting up the system.
PAN-168635
Fixed an issue on the firewall where, when attempting to change the master key, the existing master key was not validated first. As a result, all firewall keys were corrupted.
PAN-168179
Fixed an issue where DHCP IP address renewal failed on the management interface
PAN-159702
Fixed an issue where FQDN refresh did not work with the error message
No name servers found!
, and no subsequent retries occurred.
PAN-151469
Fixed an issue where packets were dropped unexpectedly due to errors parsing the IP version field.
PAN-135527
Fixed an issue where verbose mode did not display additional data for the
fe20 flow lookup
command.
PAN-82223
Fixed an issue where links to severity level GIFs in HIP Check log entry details did not work.

Recommended For You