Palo Alto Networks | PAN-244648

The earliest recollection of this bug is traced back to PAN-OS 10.2.6 - May 17, 2024. This bug is fixed in PAN-OS versions 10.2.8, 11.1.3. Fixed an issue where, when FIPS was enabled in maintenance mode, the firewall rebooted and returned to maintenance mode. ( PA-5200 Series firewalls only ) After a factory reset, the firewall may get stuck in maintenance mode and be unable to load the boot image. The firewall fails to enable FIPS-CC mode during this time. Workaround: The following workaround allows the firewall to boot in normal mode but does not apply to FIPS-CC mode. Attempting to enable FIPS-CC mode after using this workaround will cause the firewall to reboot and re-enter maintenace mode. Enter maintenance mode. Select Disk Image Advanced Options . Select Bootstrap with the options panos-10.2.8 , maint , and maint . Select Bootstrap with the options panos-10.2.8 , sysroot0 , and panos . Select Bootstrap with the option sysroot0 . Select Reboot . For more information: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-release-notes/pan-os-10-2-6-known-and-addressed-issues/pan-os-10-2-6-known-issues https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-release-notes/pan-os-10-2-8-known-and-addressed-issues/pan-os-10-2-8-h4-addressed-issues https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-3-known-and-addressed-issues/pan-os-11-1-3-addressed-issues