Addressed Issues in Prisma SD-WAN ION Device Release 5.6.5
The following table lists the issues
addressed in Prisma SD-WAN ION Device Release 5.6.5.
Resolved an issue where the RTR Manager was
taking long time to clear the interface messages after a switchover.
Added support for displaying the SNMP engine
ID using the CLI toolkit commands.
Added support to disable less secure ciphers
on Prisma SD-WAN for SSH.
Resolved an issue where BGP routes were not
parsing properly because of repeated spaces between AS numbers.
Resolved an issue where a prefix was advertising
from both hub device as the VPNs were in active/true status on both
the hubs when VPN keepalive timers are set with a high value.
Resolved an issue where the ION 9000 device
fan was making noise with DPDK.
Resolved an issue where the hub was advertising
same global prefix for multiple VPNs resulting in traffic failure.
Resolved an issue where after tunnel and BGP
creation by the Prisma Access Cloudblade, BGP was down and did not
show any status on the portal and CLI.
Resolved an issue where the BWM server was
holding open connections in AWS deployment.
Resolved an issue where latency is miscalculated
when it is higher than 500ms for ICMP probe.
Resolved an issue where the Internet Direct
Reachability Down alarm triggered on the backup device was not getting
Resolved an issue where the Layer 7 application
were not being detected correctly.
Resolved an issue where the data center ION
device was not sending traffic to the branch ION device.
Resolved OpenSSL vulnerability CVE-2022-0778.
Resolved an issue in the IPSEC crypto offloading
process logic which affected Data Center ION 9000s running 5.6.1
or 5.6.3. As a result of this, customers may observe a degradation
in throughput performance, erroneously reported link quality latency measurements,
or VPN flaps due to missed keepalives.
Resolved an issue where DHCP relay was not
working, if the DHCP server was running on interface through which
DHCP relay packet was sent out.
Resolved an issue where, in rare cases, FC
was restarted when there was branch to branch asymmetric traffic
through the hub with both branches on different hubs transition
to the same hub.