Prisma Access Agent Addressed Issues
Focus
Focus
Prisma Access Agent

Prisma Access Agent Addressed Issues

Table of Contents

Prisma Access Agent Addressed Issues

Review the issues that have been addressed in the Prisma Access Agent.
Where Can I Use This?What Do I Need?
  • Prisma Access (Managed by Panorama or Strata Cloud Manager)
  • NGFW (Managed by Panorama)
  • Check the prerequisites for the deployment you're using
  • Contact your Palo Alto Networks account representative to activate the Prisma Access Agent feature
Review the issues that have been addressed in Prisma Access Agent.

Issues Addressed in Prisma Access Agent 25.4

The following table lists the issues addressed in Prisma Access Agent version 25.4.
Issue IDDescription
PANG-7865Fixed an issue where the Prisma Access Agent on Windows did not properly honor updated session timers after a user extended their session through the embedded browser. The agent now correctly adopts the newly extended session duration when users authenticate through the session expiry banner, preventing premature session termination and ensuring the Prisma Access Agent icon remains responsive in the system tray throughout the extended session period.
PANG-7960
Fixed an issue where the Prisma Access Agent on Windows blocked authentication in the embedded browser due to the Best Available - Fail Safe mechanism in the forwarding profile triggering during the initial connection attempt. The embedded browser now properly bypasses the fail-safe mechanism when the agent is configured to run in on-demand mode, enabling successful authentication on the first attempt without requiring users to cancel and retry the authentication process after a reboot.
PANG-7309Fixed an issue where the Prisma Access Agent on Windows failed to automatically switch from an external gateway to an internal gateway when the user's device woke from sleep mode after being connected to different network environments. The agent now properly detects network changes upon waking from sleep. It also automatically switches to the appropriate internal gateway without requiring manual sign-out via the pacli epm signout command and subsequent reauthentication through the Prisma Access Agent app.

Issues Addressed in Prisma Access Agent 25.3.1

The following table lists the issues addressed in Prisma Access Agent version 25.3.1.
Issue IDDescription
PANG-7012Fixed an issue where the embedded browser for Prisma Access Agent did not reuse the Windows Hello token for reauthentication, forcing users to manually enter their credentials despite having Windows Hello enabled on their devices. The embedded browser now properly leverages existing Windows Hello authentication tokens for seamless reauthentication without requiring manual credential entry.

Issues Addressed in Prisma Access Agent 25.3

The following table lists the issues addressed in Prisma Access Agent version 25.3.
Issue IDDescription
PANG-6738Fixed an issue where certificate authentication failed on Windows devices when certificates were stored in the machine certificate store, preventing the Prisma Access Agent from properly authenticating users with machine-level certificates. The agent now correctly accesses and utilizes client certificates from the machine certificate store, eliminating the need to manually import certificates to the user's personal certificate store as a workaround.
EPM-4616Fixed an issue where newly added internal gateways weren’t visible in existing Prisma Access Agent settings, preventing administrators from updating agent configurations with recently added internal gateways. The agent settings now automatically refresh to display all available internal gateways, including those added after the initial configuration, eliminating the need to create new agent settings to access newly added gateways.