Known Issues in the SD-WAN Plugin 1.0
Release
List of known issues in all SD-WAN 1.0 release.
The following list includes all known issues that impact
an SD-WAN 1.0 release. This list includes both outstanding issues
and issues that are addressed, as well as known issues that apply
more generally or that are not identified by a specific issue ID.
Refer to the PAN-OS Release Notes for
additional known issues affecting the SD-WAN 1.0 plugin.
PLUG-4189
On the Panorama management server, upgrading
the SD-WAN plugin from versions 1.0.0 or 1.0.1 causes commits to
fail.
Workaround
: Purge the existing IP subnet cache after upgrading
the SD-WAN plugin from version 1.0.0 or 1.0.1.- If you are already logged in to the Panorama CLI, log out and log back in to the Panorama CLI.
- Issue the following command:admin> debug plugins sd_wan drop-config-cache-ip-addresses
- In the Panorama web interface, selectandPanoramaSD-WANVPN ClustersVPN Address PoolAddthe appropriate VPN pool addresses.
- Commityour changes.
PLUG-3343
The SD-WAN plugin fails to display any
of the monitoring for a site and cluster with a space in the name.
Workaround:
Remove the space from the name and Commit
.PAN-146485
()
does not display the branch template stack as
PAN-OS 9.1.3 and later releases only
) On the
Panorama management server, adding, deleting, or modifying the upstream
NAT configuration (Panorama
SD-WAN
Devices
out of sync
.Additionally, adding, deleting, or modifying the BGP configuration
() does not display the
hub and branch template stacks as
Panorama
SD-WAN
Devices
out of sync
.
For example, modifying the BGP configuration on the branch firewall
does not cause the hub template stack to display as out of sync
,
nor does modifying the BGP configuration on the hub firewall cause
the branch template stack as out of sync
.Workaround:
After performing a configuration change, Commit
and Push
the configuration changes to all hub and branch
firewalls in the VPN cluster containing the firewall with the modified
configuration.PAN-144889
() as
PAN-OS 9.1.2-h1 and later releases only
) On
the Panorama management server, adding, deleting, or modifying the
original subnet IP, or adding a new subnet after you successfully
configure a tunnel IP subnet, for the SD-WAN 1.0.2 and later release
plugin does not display the managed firewall templates (Panorama
Managed Devices
Summary
Out of Sync
.Workaround
: When modifying the original subnet IP, or
adding a new subnet, push the template configuration changes to
your managed firewalls and Force Template Values
(Commit
Push to Devices
Edit Selections
PAN-144073
This issue is now resolved. See
On the Panorama management server, hub and branch firewall latency,
jitter, and packet loss data is not updated when monitoring SD-WAN
link performance ().
Panorama
SD-WAN
Monitoring
PAN-127813
In the current release, SD-WAN auto-provisioning configures
hubs and branches in a hub and spoke model, where branches don’t
communicate with each other. Expected branch routes are for generic
prefixes, which can be configured in the hub and advertised to all
branches. Branches with unique prefixes are not published up to
the hub.
Workaround:
Add any specific prefixes for branches to
the hub advertise-list configuration.PAN-123040
When you try to view network QoS statistics on an SD-WAN
branch or hub, the QoS statistics and the hit count for the QoS
rules don’t display. A workaround exists for this issue. Please
contact Support for information about the workaround.
Recommended For You
Recommended Videos
Recommended videos not found.
