An issue exists where the user consent dialog box remains visible on an endpoint even after the diagnostic collection request has timed out due to lack of user response. When an administrator initiates a diagnostic collection process that requires user consent, a pop-up window appears on the endpoint asking the user to approve or deny the request. If the user does not respond to this consent dialog within the designated time period, the administrative job times out, but the consent pop-up window continues to display on the user's screen indefinitely.

An issue exists where Prisma Access Agent cannot maintain simultaneous connections for both tunnels when a third-party VPN solution adds a default route to the device. This problem occurs specifically when third-party VPN clients, such as AnyConnect, are configured to modify the system's default routing table, resulting in only one tunnel being able to remain active at any given time. Since Prisma Access Agent does not control how third-party VPN clients operate or influence the underlying system routing, conflicts arise when both solutions attempt to manage network traffic routing simultaneously.

Workaround: Modify the third-party VPN configuration to remove the default route setting, which will allow the Prisma Access Agent bypass functionality to operate correctly and maintain both tunnel connections as intended.