Juniper Networks 5400, 5200, 208, 204, 5XT manual Known Issues from ScreenOS 5.0.0r3 for the 5000-M2

Page 35

Juniper Networks

NetScreen Release Notes

 

 

5.3.7 Known Issues from ScreenOS 5.0.0r3 for the 5000-M2

38001 – When you run the get session command, ScreenOS sometimes displays the policy ID number incorrectly as a negative number.

37993 – When enabled on a Juniper NetScreen-5000 Series system, the inter-zone IP record route option does not update the counter associated with this option. The record route option records the IP addresses of the network devices along the path that an IP packet travels. The destination device then can extract and process the route information.

37974 – When attack packets associated with the syn-and-fin, block- fragment, and unknown-protocol events attempt to enter a Juniper NetScreen-5000 Series system using a 5000-24FE secure port module when the system experiences heavy traffic, the system ASIC may not be able to transmit packets from the device. A syn-and-finattack is an instance where a TCP header contains both syn and fin flags set. A block-fragmentevent is when the NetScreen system attempts to deny entry of fragments of a larger packet that have been disassembled so they may enter the device with undetected attack content. An unknown-protocolattack is a packet that contains a protocol that the NetScreen system does not recognize.

37712 – You cannot remove an SSH key from a Vsys by running the command unset ssh pka all. When you run the command, ScreenOS does not remove the SSH key and displays a generic error message.

37640 – You can create a password name with a greater number of characters than the usual character limit (15) for passwords in ScreenOS for the Juniper NetScreen-5000 Series systems.

37497 – You could not create more than 1,500 IKE sessions (attempting to establish VPN tunnels) while the system experienced heavy traffic.

37422 – When you loaded an older ScreenOS configuration image on a new Juniper NetScreen-5000 Series system, the system failed. If the system now functions correctly, remaining active with ScreenOS displaying an error message on the console indicating a mismatch between the loaded image and the image(s) the system accepts.

37303 – You can create an environment variable with a greater number of characters than the usual character limit (255) for environment variable strings in ScreenOS for the Juniper NetScreen-5000 Series systems.

36926 – After you created the maximum number of sessions (1 million) allowed on the Juniper NetScreen-5000 Series system, and you disable a policy, the sessions do not age out in the expected way from the system.

ScreenOS 5.0.0r9-FIPS

P/N 093-1638-000, Rev. A

Page 35 of 42

Page 34 Page 36
Image 35
Page 34 Page 36
Contents Contents Version Summary Set av http skipmime Unset av http skipmime New Features and EnhancementsNew Features and Enhancements in ScreenOS 5.0.0r9-FIPS New Features and Enhancements from ScreenOS 5.0.0r8New Features and Enhancements from ScreenOS 5.0.0r1 New Features and Enhancements from ScreenOS 5.0.0r6Get log system saved Changes to Default BehaviorAddressed Issues in ScreenOS Addressed Issues in ScreenOS 5.0.0r9-FIPSJuniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes VIP cannot be contacted VIP is now alive Addressed Issues from ScreenOS 5.0.0r8 Juniper Networks NetScreen Release Notes Get traffic log include Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Dhcp IP Pool not in the same subnet with gateway/interface Juniper Networks NetScreen Release Notes Addressed Issues from ScreenOS 5.0.0r6 Addressed Issues from ScreenOS 5.0.0r7Juniper Networks NetScreen Release Notes Set interface tunnel.2 nhtb 10.1.2.5 vpn Addressed Issues from ScreenOS 5.0.0r5Addressed Issues from ScreenOS 5.0.0r4 Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Addressed Issues from Previous Releases Juniper Networks NetScreen Release Notes Limitations of Features in ScreenOS Known IssuesGeneral Compatibility Issues Compatibility Issues in ScreenOSUpgrade Paths from Previous Releases Known Issues in ScreenOS 5.0.0r9-FIPS Known Issues in ScreenOSKnown Issues from ScreenOS 5.0.0r8 Known Issues from ScreenOS 5.0.0r4 Known Issues from ScreenOS 5.0.0r7Known Issues from ScreenOS 5.0.0r6 Known Issues from ScreenOS 5.0.0r5Known Issues from ScreenOS 5.0.0r3 for the 5000-M2 Known Issues from ScreenOS 5.0.0r1 Known Issues from ScreenOS 5.0.0r3Known Issues from ScreenOS 5.0.0r2 Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Juniper Networks NetScreen Release Notes Known Issues from Previous Releases Getting Help
Top Page Image Contents