10-05-2012 07:52 AM
Hello
I find that in PAN 4.1.8 is new feature:
"User/Group-based Portal Configurations – The GlobalProtect Portal now supports multiple agent configurations on a per-user or user-group basis within one portal configuration."
I know that its fresh ... but I need this feature.
Is it safe to put it on my PA-200 at the moment?
With regards
SLawek
10-05-2012 09:13 AM
So far one issue that I have seen with many users is documented in this doc .https://live.paloaltonetworks.com/docs/DOC-3860
and its not a major issue. However, you can open a ticket with support so that we can have a look at your current configuration and based on that we can let you know the current issues on 4.1.8 that your might run into.
10-08-2012 04:22 AM
Hi Slv,
i am a little bit confused
PAN 4.1.8 is only a Bugfix Release with no new Features.
There is currently no other Major Release than 4.1.x available for PA 200
So this Feature should already work on your Device.
Next Major Release with new Features will be 5.0.x (no i don't know when it will be released 😉 )
It is (mostly) recommended to use the latest Bugfix Release.
Regards
Marco
10-09-2012 12:00 AM
Hi
Thats good news for me, in near future I will upgrade my device and I let you know about results.
With Regards
SLawek
10-11-2012 12:30 AM
Hello
Device upgraded sucessfully. But upgrade process take a lot of time (much longer than progress bar on web browser shows), I think that was more than 10minuts.
10-11-2012 12:46 AM
Hi,
The reboot of the device followed by the auto-commit also depends upon the Hardware Platform.
For PA 500 and 2000 series, we have seen instances where auto commit takes a while to complete as compared to 5000 series
Regards
Parth
10-18-2012 05:47 AM
4.1.8 looks a lot better for production than 4.1.6 ever was. I now regard 4.1.6 as "toxic"! That said, I've only upgraded Panorama to 4.1.8 so far, with the PANs still running 4.1.6, but already a couple of really annoying bugs are fixed in Panorama and at least one weird and mysterious failure on the PANs seems to be fixed simply by uploading policy from it.
In our 4.1.6 setup, it seems almost certain now that adding or changing any rule might have impact on any other rule in any zone, or on Layer 2 functionality. Completely random. After going to 4.1.6, we suffered gradual lost or mangled functionality in H.245, H.323, ARP caching, db2... these are just the ones I've scratched my head over while the logs tell me all's well and the users scream blue murder. I would like to nominate 4.1.6 as a candidate for withdrawal, tbh.
10-24-2012 07:08 AM
Just to add a little bit more: I updated our 5020s from 4.1.6 through 4.1.7 to 4.1.8 on Tuesday morning (took 17 minutes each) and everything is running sweetly with no user complaints so far. Seems to me that UTM is working far more efficiently - or reporting far more - in 4.1.8, for which I am grateful.
10-25-2012 02:30 AM
No change in commit times, although with the 5000 series they have never been shabby anyway. About 40 seconds? Sounds about right.
10-25-2012 03:31 AM
Perhaps thats why the 3000-series are coming in order to replace the 2000-series regarding commit times (in reality more ram and faster mgmtplane cpu to lower the commit times from 20 minutes or more to sub minute)?
10-25-2012 03:59 AM
I am running a 2020 series box but I have not noticed any notice to the commit times. It's still as slow as ever. Although reading mikand's comment of it taking 20 minutes to commit then perhaps my commit time of up to 10 minutes at times is not that bad?
10-25-2012 04:39 AM
I was told, on my Palo course earlier this year, that the management CPU on the 5000s is basically Intel quad-core - possibly the same on the 4000s - but on the smaller devices I'm not sure. 10-20 minutes is something I cannot imagine.... bet you guys take pains to get changes right first time, every time. You have my sympathy, not that it helps.
11-14-2012 12:44 AM
I have it running since about 2 weeks. To my feeling, the GUI and commit times are somewhat better.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
