The earliest recollection of this bug is traced back to PAN-OS 11.2.0 - March 13, 2025.
This bug is fixed in PAN-OS versions 11.2.1.
Fixed an issue where Client Hello packets were dropped when SSL/TLS handshake inspection was enabled.
TLSv1.3 hybridized Kyber support in the latest versions of Chrome and Edge browsers results in dropped Client Hello packets when SSL/TLS handshake inspection is enabled. Workaround: Disable SSL/TLS handshake inspection .
For more information:
https://docs.paloaltonetworks.com/pan-os/11-2/pan-os-release-notes/pan-os-11-2-0-known-and-addressed-issues/pan-os-11-2-0-known-issues
https://docs.paloaltonetworks.com/pan-os/11-2/pan-os-release-notes/pan-os-11-2-1-known-and-addressed-issues/pan-os-11-2-1-addressed-issues
https://docs.paloaltonetworks.com/pan-os/11-2/pan-os-release-notes/pan-os-11-2-5-known-and-addressed-issues/pan-os-11-2-5-known-issues
