Juniper Networks

NetScreen Release Notes

 

 

3. Changes to Default Behavior

There are numerous changes in default behavior. For detailed information on changes to default behavior in ScreenOS 5.0.0, refer to the Juniper Networks NetScreen ScreenOS Migration Guide.

Specific changes in default behavior in ScreenOS 5.0.0r9-FIPS release:

The unset vendor-defCLI command removes all files stored in flash memory except the license file.

Security Manager does not work with this release.

4.Addressed Issues in ScreenOS 5.0.0

The following sections detail addressed issues in each release of 5.0.0.

4.1Addressed Issues in ScreenOS 5.0.0r9-FIPS

03875 – After attempting to update a new configuration to the device from Security Manager to the primary Juniper NetScreen-5200 system in an active-passive HA pair of Juniper NetScreen-5200 systems, the primary system failed. The backup system failed a minute and a half later.

03637 – When the firewall acted as a TCP proxy server, and if the server returned the syn-ack packet too late in response to a syn packet, the relevant firewall flow resource could be released too early and caused the firewall to fail.

03632 – When you have two VOIP phones connected to a trust and an untrust zone on a Juniper NetScreen-5GT running in extended mode, and you tried to place a call, the phone obtained its IP address from a DHCP server.

03607 – When two 5000-24FE system running in an NSRP active-passive transparent mode, where the e2/25 and e2/26 interfaces connected to a switch, stopped passing traffic and displayed the following meaningless message on the console:

get log system saved

03600 – If you issued the get tech command for a Juniper NetScreen-5400 in an NSRP active-passive configuration while the system was busy, the system failed.

03569 – A Juniper NetScreen-5000 Series system could fail due to flow memory corruption from out-of-order TCP packets.

03558 – A trace route or ping operation sometimes caused memory corruption, causing the device to fail.

ScreenOS 5.0.0r9-FIPS

P/N 093-1638-000, Rev. A

Page 5 of 42

Page 5
Image 5
Juniper Networks 5400 Changes to Default Behavior, Addressed Issues in ScreenOS 5.0.0r9-FIPS, Get log system saved