Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
01-28-2014 01:00 AM
I installed PANOS 6 on our Lab Box. Upgraded from 5.0.9. No problems so far.
Anyone else ?
02-24-2014 01:53 PM
I installed PANOS 6...have some issue with ftp (known bug)
03-13-2014 01:18 PM
You need update the content version first, and after this you should have no problems for update at version 6.0.0
03-17-2014 07:30 AM
Got the same problem. Upgrade from 5.10 to 6.1 !
User ID do not match with "included user groups" and all traffic is denied.
03-18-2014 12:02 AM
Try and rebuild the userinfo.xml file using the following commands:
> debug user-id clear group all
> debug user-id reset group-mapping all
> debug user-id reset user-id-manager type user-group
> configure
# commit force
This will force the firewall to rebuild the userid.xml file based on a refresh from the LDAP server. If this doesn't work, give support a call so that we can take a look.
03-25-2014 06:52 AM
Dont think so. Havent found any article about it !
03-25-2014 07:42 AM
Try this as a work around until the bug is fixed:
Under Device > User Identification >Group Mapping Settings > Group Include List > Included Groups
If you have groups here, delete them all.
Commit and refresh/reset group mapping if needed.
04-07-2014 05:55 AM
Had a remote session with PaloAlto Support.
They found out, that there is a problem/bug with the translation of the group names : Policy was entered the name "Domain\Group name" but the mapping has just the "cn= .... " format.
To "solve" the problem temporary, use the cn=.... format in the Policies.
A bug fix is the development.
08-29-2014 08:02 AM
check this link, other users experiment a data plane crashing in version 6.0.3
09-03-2014 09:43 AM
what known bug is this?
09-04-2014 09:16 AM
What I found during our update was the PAN-OS 6.0 upgrade was treating the groups like users. Once I went through an deleted the old group and re-added them I found the the configuration line was referencing the entire LDAP search string.
We didn't have that many groups in policy so it only took an hour or so to fix.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
