Juniper Networks 208 Network Router User Manual


 
Juniper Networks NetScreen Release Notes
ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 38 of 42
displays only when you issue a ‘get event' CLI command, and not when you
issue a 'get log event' CLI command.
33916 - A Juniper Networks security appliance supports a maximum of 256
OSPF interfaces.
33598 - For inter-vsys traffic, if both vsys define a policy with user
authentication, the Juniper Networks security appliance does not prompt
the user for authentication for each policy, but only once when it matches the
first policy.
33544 - Normally upon startup, a Juniper Networks security appliance with
the URL filtering feature enabled, tries to connect to a Websense server.
Currently this attempt to connect to a Websense server fails and the Juniper
Networks security appliance logs the event.
33027 - Juniper Networks security appliances do not support policy-based
dialup VPN and MIP if the MIP is configured on the tunnel interface which
belongs to a tunnel zone.
W/A: For dialup user VPNs only: use routing-based VPN and configure the
MIP on a tunnel interface bound to a security zone.
32983 - You can select multiple services in a policy, but later on, if you want
to modify the services to ANY, the Juniper Networks security appliance does
not let you. Instead, you get a message prompting you to use the multiple
service selection dialog box, which does not contain ANY, to modify the
services.
W/A: In the multiple service selection dialog box, remove all but one service
from the previous selection, and then click OK. Next, select “ANY” from the
Service drop-down list.
32159 - Juniper Networks security appliances do not support a second level
of certificate verification if the end entity certificate and OCSP responder
certificate are issued by the same CA.
32077 - (Juniper NetScreen-5GT only) When you enable or disable HTTP
Webmail functionality, log entries are not generated in the event log (i.e. 'set/
unset av http webmail enable'; 'set/unset av http webmail url-pattern-name
<name for the URL pattern>').
32072 - (Juniper NetScreen-5GT only) When you disable AV functionality for
HTTP, SMTP, and POP3, log entries are not generated in the event log (i.e.
'unset av scan-mgr content http'; 'unset av scan-mgr content smtp'; 'unset av
scan-mgr content pop3').
31364 - When performing source port translation for passive FTP data
channel, the Juniper Networks security appliance translates the source port