most stable panos 6?

Showing results for 
Show  only  | Search instead for 
Did you mean: 

most stable panos 6?

L3 Networker


we're planning on upgrading from version 5.0.8 to version 6.x.x. Which version of panos 6 is the most stable?



L6 Presenter

we use 6.0.4 almost everywhere...we did not see any issue.

L3 Networker

Have been running 6.0.4 on Panorama and endpoints for a while now.  All good thus far. Smiley Wink


L4 Transporter

I can also confirm that on my 6.0.4, I have had no issues here.

Of course, experiences may vary. Seems that the general consensus is that 6.0.4 is pretty stable.

Please let us know if you have any specific issues and make sure to backup (save named configuration snapshots and export for safety) prior to the upgrade! Smiley Happy

L2 Linker


is there official documentation from Palo Alto Networks with recommended version of PAN-OS 6.0.x?

I apologize if the answer is already on portal.

Thank you,



L3 Networker

Upgraded our endpoints to 6.0.6 (for Shellshock); covering all our 7050s and 50x0..  Have been running without incident since then.   All M-100s (Panorama, and loggers) bumped to Flores (6.1.0) to take advantage of additional interfaces.


L2 Linker

We are at 6.0.6, down from 6.1 after a data plane failure caused us downtime, even though we use HA. There is a case being worked, and supposedly a fix is in the works.

PA wil always tell you to use the latest version. If you have a technical issue, that's the first thing they will ask you to do Smiley Wink


6.0.7 was released - and problably most wanted by many users Smiley Wink

Releases notes:

I'm waiting for 6.1.2 with my issues Smiley Sad



L2 Linker

So, I know this is a little dated but I've got the same question.  Based on previous responses I'm going with 6.0.4...  However, I also contacted support to get their input since most users I've spoken with via conferences, etc... suggest staying a couple versions back, but haven't heard back yet.  I see the latest release as of today, Feb. 4th, 2015, is 6.0.8.  Just wondering if anyone's got any experience with anything past 6.0.4.



L3 Networker

We use 6.0.6 and will go to 6.0.8 for vulnerability issues within the next few weeks. Mainly the following:

73111—Dataplane restarts were caused by a race condition between dataplane packet processes, where the session resource allocation became out of sync between central processing units (CPUs). A fix was added to keep session resource allocation in sync between dataplane processes.

71486—A fix was made to address an issue with user input sanitization to prevent Cross-site Scripting (XSS) attacks against the web interface.

71321—Removed support for SSL 3.0 from the GlobalProtect gateway, GlobalProtect portal, and Captive Portal due to CVE-2014-3566 (POODLE).

71320—Removed support for SSL 3.0 from the web interface due to CVE-2014-3566 (POODLE).

L4 Transporter

We upgraded to 6.0.6 also.  No issues here.

It was also pushed out due to Shellshock and POODLE so I would suggest at least upgrading to this

We upgraded from 5.0.11 to 6.0.7 and ran into a bug that has been fixed in 6.0.8.  The bug is with HA.  The PA thinks it's not synched but it really is(configs and sessions are actually syncing).

L2 Linker

Thank you everyone for your feedback.  We took the opportunity to upgrade from 5.0.11 to 6.0.8 based on feedback both from support and the community.  So far, so good.

Not applicable

We used to use 6.0.4 but moved to 6.0.6 after the poodle vulnerability. And again to 6.0.8 after another vulnerability. Odd thing was we ran into an issue with a client who had 6.0.5 where the outside interface was DHCP and it was just not getting anything. 6.0.4 and 6.0.6 got the ip address, outage window ran out so we did not open a case.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!