Known Issues in Panorama Plugin for AWS 1.0.x
Table of Contents
Expand all | Collapse all
-
-
-
-
-
- Features Introduced in Enterprise Data Loss Prevention 4.0.3
- Known Issues in Enterprise DLP Plugin 4.0.3
- Features Introduced in Enterprise Data Loss Prevention 4.0.2
- Known Issues in Enterprise DLP Plugin 4.0.2
- Features Introduced in Enterprise Data Loss Prevention 4.0.1
- Known Issues in Enterprise DLP Plugin 4.0.1
- Features Introduced in Enterprise Data Loss Prevention 4.0.0
- Known Issues in Enterprise DLP Plugin 4.0.0
-
- Features Introduced in Enterprise Data Loss Prevention 3.0.8
- Features Introduced in Enterprise Data Loss Prevention 3.0.7
- Features Introduced in Enterprise Data Loss Prevention 3.0.6
- Features Introduced in Enterprise Data Loss Prevention 3.0.5
- Features Introduced in Enterprise Data Loss Prevention 3.0.4
- Features Introduced in Enterprise Data Loss Prevention 3.0.3
- Features Introduced in Enterprise Data Loss Prevention 3.0.2
- Features Introduced in Enterprise Data Loss Prevention 3.0.1
- Features Introduced in Enterprise Data Loss Prevention 3.0.0
- Known Issues in Enterprise Data Loss Prevention 3.0.8
- Known Issues in Enterprise Data Loss Prevention 3.0.7
- Known Issues in Enterprise Data Loss Prevention 3.0.6
- Known Issues in Enterprise Data Loss Prevention 3.0.5
- Known Issues in Enterprise Data Loss Prevention 3.0.4
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 3.0.3
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 3.0.0
-
- Features Introduced in Enterprise Data Loss Prevention 1.0.8
- Features Introduced in Enterprise Data Loss Prevention 1.0.3
- Features Introduced in Enterprise Data Loss Prevention 1.0.1
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.8
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.7
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.6
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.4
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.3
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.2
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.1
- Features Introduced in the Enterprise Data Loss Prevention (DLP) Cloud Service
- Limitations
-
-
Known Issues in Panorama Plugin for AWS 1.0.x
The following list describes known issues
in the Panorama plugin for AWS 1.0.0.
PLUG-3806
When upgrading the Panorama plugin for AWS on peers
configured as an HA pair, if you upgrade the plugin on the secondary
peer first and the peer becomes active, the primary (now passive)
cannot function as an HA peer.
Workaround
—When upgrading the Panorama plugin for AWS
on peers that are configured as an HA pair, you must install the
plugin on the primary peer first
and commit your changes immediately
,
and then install the same plugin version on the secondary peer and
commit your changes immediately.This issue is fixed in Panorama plugin for AWS, version 1.0.1.
PLUG-2000
Spaces and special characters in user-defined tags are
now treated differently. In previous releases both spaces and special
characters caused a tag to be ignored. In the current release, user-defined
tags containing empty spaces can be retrieved, provided they do
not include special characters.
- An empty space in a user-defined tag is replaced with “/”, allowing the tag to be retrieved.For example, if your tag isfinance and accounts, the tag can be retrieved.
- User-defined tags with special characters are ignored and not retrieved.For example, if your tag isfinance&accounts, your tag is ignored and the log shows the following message:admin@Panorama>less plugins-log plugin_aws_ret.log2019-12-06 02:27:07.040 +0000 INFO: : vpc-0321945805d495d89: Tag aws.ec2.tag.Tag-spcl-char.<finance>&<accounts> has unsupported chars.. Ignoring...
Workaround
—Modify the tag to remove special characters.This issue is fixed in the Panorama plugin for AWS, version
1.0.1.
PLUG-1029
If you have more than one plugin installed on Panorama,
uninstalling the AWS plugin requires a Panorama reboot or a restart
of the configd process. So, please make sure to perform the uninstallation
during a maintenance window. For Panorama management servers in
an HA configuration, you must reboot both Panorama HA peers.
To restart the configd process :
- Log in to the Panorama CLI.
- Enter the following command:admin@ >debug software restart process configd
- Verify if the configd process has restarted.admin@ >show system software status | match configdProcess configd running (pid: 3061)
PLUG-996
For firewalls running PAN-OS 8.1, if the total number
of tags exceeds 7000 for a device group that contains a firewall
or a group of firewalls, an XML parsing error displays. This parsing
error causes the failure to register tags to the firewalls. For firewalls
running PAN-OS 8.0.x, this XML parsing error limit is met at 2500
tags.
PLUG-718
For a Dynamic address group that is not referenced in
a Security policy rule, the list of registered IP addresses displayed
on is not accurate. This is a display
issue only, and security policy is properly enforced on all your running
VMs in the VPC.
Objects
Address
Groups
Workaround
: Use the Dynamic address group in a Security
policy to see the most current list of registered IP addresses on
the firewall, or use the CLI command show object dynamic-address-group all
for
an up-to-date list of IP addresses.PLUG-676
If the memory allocation on a Panorama virtual appliance
is lower than the minimum recommendation,
you cannot access and configure the plugin. Make sure to size your
Panorama appliance properly so that you can install the plugin.
PLUG-554
Before you can uninstall the plugin on ,
you need to you
must delete the
Panorama
Plugins
Remove Config
for the plugin
and Commit
your changes. Then, on Panorama
Administrators
_aws
administrative user
account before you can Uninstall
the plugin.For HA peers, you must complete this process on the active peer
and repeat on the passive Panorama HA peer.