: Addressed Issues in Prisma SD-WAN ION Device Release 5.6.5

Addressed Issues in Prisma SD-WAN ION Device Release 5.6.5

Table of Contents

Addressed Issues in Prisma SD-WAN ION Device Release 5.6.5

Learn about the addressed issues in Release 5.6.5.
The following table lists the issues addressed in Prisma SD-WAN ION Device Release 5.6.5.
Issue ID
Resolved an issue where the RTR Manager was taking long time to clear the interface messages after a switchover.
Added support for displaying the SNMP engine ID using the CLI toolkit commands.
Added support to disable less secure ciphers on Prisma SD-WAN for SSH.
Resolved an issue when the ION device received an application definition update which improperly removed the mapping entries for the HTTP and SSL applications. The result of which could be, incorrect policy matches for generic HTTP and SSL traffic.

Workaround: A one time reboot of the device or a restart of the app-engine process using the command debug process restart name=tcpproxy.

Resolved an issue where BGP routes were not parsing properly because of repeated spaces between AS numbers.
Resolved an issue where a prefix was advertising from both hub device as the VPNs were in active/true status on both the hubs when VPN keepalive timers are set with a high value.
Resolved an issue where the ION 9000 device fan was making noise with DPDK.
Resolved an issue where the hub was advertising same global prefix for multiple VPNs resulting in traffic failure.
Resolved an issue where after tunnel and BGP creation by the Prisma Access Cloudblade, BGP was down and did not show any status on the portal and CLI.
Resolved an issue where the BWM server was holding open connections in AWS deployment.
Resolved an issue where latency is miscalculated when it is higher than 500ms for ICMP probe.
Resolved an issue where the Internet Direct Reachability Down alarm triggered on the backup device was not getting suppressed.
Resolved an issue where the Layer 7 application were not being detected correctly.
Resolved an issue where the data center ION device was not sending traffic to the branch ION device.
Resolved OpenSSL vulnerability CVE-2022-0778.
Resolved an issue in the IPSEC crypto offloading process logic which affected Data Center ION 9000s running 5.6.1 or 5.6.3. As a result of this, customers may observe a degradation in throughput performance, erroneously reported link quality latency measurements, or VPN flaps due to missed keepalives.
Resolved an issue where DHCP relay was not working, if the DHCP server was running on interface through which DHCP relay packet was sent out.
Resolved an issue where, in rare cases, FC was restarted when there was branch to branch asymmetric traffic through the hub with both branches on different hubs transition to the same hub.

Recommended For You