Addressed Issues

Here are issues that we’ve recently fixed for Cloud Managed Prisma Access, where you’re using the Prisma Access app as your management interface.
If you’re using Panorama to manage Prisma Access, refer to the Panorama Managed Prisma Access release notes instead for the latest updates.
ID
Description
ADI-7511
When first setting up mobile users with GlobalProtect, the button to Set Up Infrastructure Settings might appear to be disabled. Refresh your browser once or twice to fix the issue.
ADI-7377
The option to hide the best practice checks panel sometimes does not work, and the panel continues to display.
ADI-7058
The Guided Onboarding walkthroughs are for first-time setup. This means that they might not complete if you already have configuration in place. So before you begin, check that the configuration is clear for the type of deployment you want to set up (mobile users, remote networks, or service connections).
ADI-6810
If you are configuring multiple service connections to redistribute identity data to remote networks, and you encounter an error saving the data types you want to redistribute, try toggling between the service connection and remote networks configurations to reset the issue:
ADI-6114
Authentication rules now require you to specify a Service Entity and URL Category Entity. Previously, these fields weren’t required. Authentication rules that were configured before this changed, will continue to work. However, if you try to modify these rules, you’ll need to add a Service Entity and URL Category Entity to the rule before you can save it.
ADI-5484
Setting up an auto-tag based on the description field in an authentication log will show an error. To move forward and bypass the error, modify the filter so that it reads (
desc
contains abcd) and does not use the default filter (
description
contains abcd).
ADI-5416
When viewing only expired certificates on the Certificate Management page (
Objects
Certificate Management
), the number indicating the amount of matching certificates continues to display the number of
total
certificates and is not the number of expired certificates.
ADI-5368
SSL/TLS service profiles do not yet provide support for TLS 1.3.
ADI-5351
Custom URL categories that are based on a category match are not supported as part of a traffic steering rule.
ADI-5306
Auto-tag rules that target the X-Forwarded-For header associated with a log entry are not supported.
ADI-5198, ADI-5196
To add a a source or destination address to a service connection traffic forwarding rule, you must either:
  • directly type in the IP address subnet or
  • create an address object in the Prisma Access location, and add that address object to an address group. Then, reference the address object in the traffic forwarding rule.
If you use an address object that is local to the service connection in a traffic forwarding rule, you'll see an error when you try to save the rule.
ADI-4632
Tunnel and config status is sometimes not displayed for a remote network site when you visit the Remote Networks Setup page (Manage > Remote Networks > Remote Networks Setup). Refresh your browser if you see this issue and tunnel and config status will show up.
ADI-4790
Cloning a mobile user security policy rule causes the new, cloned rule to appear as a Prisma Access post rule, instead of a security rule that is specific to that mobile user environment.
ADI-4616
To set up decryption, you must use custom certificates. The default decryption certificates are not supported.

Recommended For You