Juniper Networks 204, 5200, 208, 500, 5XT, 5400 manual

displays only when you issue a ‘get event' CLI command, and not when you issue a 'get log event' CLI command.

•33916 - A Juniper Networks security appliance supports a maximum of 256 OSPF interfaces.

•33598 - For inter-vsys traffic, if both vsys define a policy with user authentication, the Juniper Networks security appliance does not prompt the user for authentication for each policy, but only once when it matches the first policy.

•33544 - Normally upon startup, a Juniper Networks security appliance with the URL filtering feature enabled, tries to connect to a Websense server. Currently this attempt to connect to a Websense server fails and the Juniper Networks security appliance logs the event.

•33027 - Juniper Networks security appliances do not support policy-based dialup VPN and MIP if the MIP is configured on the tunnel interface which belongs to a tunnel zone.

W/A: For dialup user VPNs only: use routing-based VPN and configure the MIP on a tunnel interface bound to a security zone.

•32983 - You can select multiple services in a policy, but later on, if you want to modify the services to ANY, the Juniper Networks security appliance does not let you. Instead, you get a message prompting you to use the multiple service selection dialog box, which does not contain ANY, to modify the services.

W/A: In the multiple service selection dialog box, remove all but one service from the previous selection, and then click OK. Next, select “ANY” from the Service drop-down list.

•32159 - Juniper Networks security appliances do not support a second level of certificate verification if the end entity certificate and OCSP responder certificate are issued by the same CA.

•32077 - (Juniper NetScreen-5GT only) When you enable or disable HTTP Webmail functionality, log entries are not generated in the event log (i.e. 'set/ unset av http webmail enable'; 'set/unset av http webmail url-pattern-name <name for the URL pattern>').

•32072 - (Juniper NetScreen-5GT only) When you disable AV functionality for HTTP, SMTP, and POP3, log entries are not generated in the event log (i.e. 'unset av scan-mgr content http'; 'unset av scan-mgr content smtp'; 'unset av scan-mgr content pop3').

•31364 - When performing source port translation for passive FTP data channel, the Juniper Networks security appliance translates the source port