Firewall Region bug

Reply
L2 Linker

Firewall Region bug

Hello,

 

we are experiencing the bug as per the link below

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClicCAC

 

can anyone advise if this has been resolved in release 7.1.x code and if so in what release?

 

Thanks

 

Ryan

Tags (2)
Community Manager

Re: Firewall Region bug

hi Ryan

 

Did you follow the workaround to fix the issue?

This bug is pretty old, so old in fact it is not tracked for any of the current releases (so i'm pretty sure it's fixed in al currently supported OS releases

 

If you intend to upgrade, I'd recommend going to the last available maintenance release for 7.1 and then plan to move to 8.1 as 7.1 is set to reach end of life in march 2020 (8.0 is set to end-of-life by November 1st 2019)


Help the community: Like helpful comments and mark solutions
Reaper out
L7 Applicator

Re: Firewall Region bug

Hello,

If what Reaper is not working for you. Open a ticket with the evidence so that the dev team can update the lists. They use Arin results, but IP subnets are geting bought and sold and sometime vendors are a bit behind. I had an issue where an ISP in Texas was using Canadian IP's that they purchased. So my user was not able to get to any of our services, we block Canada. 

 

Regards,

Community Manager

Re: Firewall Region bug

@otakar The issue described in the article happens when you create a custom region using one of the built-in names for a region, and then deleting that custom region This locks the region in the idmgr as a custom one even though the custom one was deleted intimated of reverting to the built in (ie creating a custom "BE" region, then deleting that after a while causes the built-in BE to not pick up the iana/ripe/... ip space until you reset the idmgr) :::commit between each step is required::: :::this report is very very (4.1) old:::

Help the community: Like helpful comments and mark solutions
Reaper out
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!