PAN-OS 10.1.9 -- CAUTION

Showing results for 
Show  only  | Search instead for 
Did you mean: 

PAN-OS 10.1.9 -- CAUTION

L6 Presenter

I would highly recommend waiting on deploying 10.1.9 in your enviornment, whether it be large enterprise or SOHO.


Recently my company had upgraded a 5250 pair from 10.1.8 to 10.1.9 as we had experienced 2 service impacting bugs.


After upgrading 10.1.9 we found that the FW was exhibiting odd behavior where traffic which had specific allow rules for it wasn't matching the defined allow rules and was instead being denied all together or was matching a different rule lower in the policy stack.


What made troubleshooting this further was the traffic which was being denied, that shouldn't have been, could only be seen in the session browser as being denied.  Even hours later the incorrectly denied traffic was nowhere in the GUI logs; and could only be found in the CLI by using the session ID from the temporary session browser view while the session existed there.


We had a log P1 TAC case that unfortunately found no cause for this behavior so we downgraded back to 10.1.8 and all services were restored.


Traffic types effected were:





Non-decrypted HTTPS TLS1.2 (That we saw)


Community Team Member

Hi @Brandon_Wertz ,


Thanks for sharing! This is great feedback that can be helpful for our users. 

LIVEcommunity team member
Stay Secure,
Don't forget to Like items if a post is helpful to you!

Cyber Elite
Cyber Elite

10.1.9-h1 was just released to the public, however it doesn't look like the release notes have been published just yet. 

Cyber Elite
Cyber Elite

OK so 10.1.8 is pretty good?

L7 Applicator

To piggyback on the topic.

March 7 dynamic update updated threat id 32968 that has loads of false positives in SMTP traffic and no fix out yet...

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!