M-100 Panorama cluster A/P upgraded to 8.1.5. For now the panorama working as expeted without issues. For now looking stable PANOS8.1.5 Also we have 3060 cluster firewall upgraded to 8.1.5, for not working as expeted.
With Panorama we experimented issues due to you need active "suspend local device" to upgrade the devices, if you not active this option each time that you start the upgrade proceess the device get stuck on 36% of progress. And you need restart the management server (debug software restart process management-server).
I've also had problems with 8.1.5 dropping all traffic - the same as DonJarmon - it occurs after antivirus updates each day at 11pm. It's highly disruptive and creates a massive outage to service. Traffic that is normally permitted ceases to be permitted and starts hitting the default deny rule.
Forcing a FQDN refresh and clearing SIP sessions (for some reason these get stuck too) brings everything back to life.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm68CAC has it listed as PAN-100244 but it seems to me to be affected and resolved in completely the opposite versions, namely present in 8.1.5 but not present in any versions prior.
I have gone back to 8.1.4 now as I can't afford to have this sort of problem leading up to holidays. This is the first major problem I've encountered in a maintenance release.
@ReubenFarrelly That is very disconcerting that you are seing this in 8.1.5. We're seeing sporadic denies of traffic going out to Office 365 on 8.1.4. We use an EDL for the Destination, and I was told by a Palo Alto rep that this is a known bug (PAN-100244) and is fixed in 8.1.5. As a precaution, I have set the Antivirus updates to only execute once at 5:15am. I will have someone on the early shift monitor traffic after that time, and with any luck, hopefully we are unaffected. If will let you all know how it goes. Fingers Crossed!
Having issue with SNMP ifInOctets/ifOutOctets in PanOS 8.1.5:
So I'm seeing issues with URL Filtering blocking URLs that are allowed by policy as "allow" or "alert" in 8.1.5. I've got a ticket open, and I'm just waiting on support.
Support requested I upgrade from 8.1.1 to 8.1.5 because of an issue we had. I was really worried after reading this but so far I have had no issues with 8.1.5.
Just my 2 cents so far. :)
We moved to 8.1.5 and one week later to 8.1.6 because Data Plane CPU usage raises to 90-98% at production time (PA 3060).
At the moment, support suspects about SMB deep packet inspection but we need to clarify the issue. With 8.0.7 Data Plane CPU usage was 30-60%.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!