Juniper Networks | NetScreen Release Notes |
| |
5.3.7 Known Issues from ScreenOS 5.0.0r3 for the 5000-M2
•38001 – When you run the get session command, ScreenOS sometimes displays the policy ID number incorrectly as a negative number.
•37993 – When enabled on a Juniper NetScreen-5000 Series system, the inter-zone IP record route option does not update the counter associated with this option. The record route option records the IP addresses of the network devices along the path that an IP packet travels. The destination device then can extract and process the route information.
•37974 – When attack packets associated with the syn-and-fin, block- fragment, and unknown-protocol events attempt to enter a Juniper NetScreen-5000 Series system using a 5000-24FE secure port module when the system experiences heavy traffic, the system ASIC may not be able to transmit packets from the device. A syn-and-finattack is an instance where a TCP header contains both syn and fin flags set. A block-fragmentevent is when the NetScreen system attempts to deny entry of fragments of a larger packet that have been disassembled so they may enter the device with undetected attack content. An unknown-protocolattack is a packet that contains a protocol that the NetScreen system does not recognize.
•37712 – You cannot remove an SSH key from a Vsys by running the command unset ssh pka all. When you run the command, ScreenOS does not remove the SSH key and displays a generic error message.
•37640 – You can create a password name with a greater number of characters than the usual character limit (15) for passwords in ScreenOS for the Juniper NetScreen-5000 Series systems.
•37497 – You could not create more than 1,500 IKE sessions (attempting to establish VPN tunnels) while the system experienced heavy traffic.
•37422 – When you loaded an older ScreenOS configuration image on a new Juniper NetScreen-5000 Series system, the system failed. If the system now functions correctly, remaining active with ScreenOS displaying an error message on the console indicating a mismatch between the loaded image and the image(s) the system accepts.
•37303 – You can create an environment variable with a greater number of characters than the usual character limit (255) for environment variable strings in ScreenOS for the Juniper NetScreen-5000 Series systems.
•36926 – After you created the maximum number of sessions (1 million) allowed on the Juniper NetScreen-5000 Series system, and you disable a policy, the sessions do not age out in the expected way from the system.
