Support User Manuals

Juniper Networks 500 Network Router User Manual

Open as PDF

of 42

Juniper Networks NetScreen Release Notes

ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 15 of 42

• 02926 – The number of syslog messages sent per second from the Juniper

Networks security appliance were being limited by an internal process.

• 02924 – SMTP (Simple Mail Transfer Protocol) queued emails on Microsoft

Outlook 2003 clients timed out when a policy had the anti-virus option

enabled because you could not perform more than one SMTP transaction

within one session.

• 02909 – Embedded ICMP caused the DIP (Dynamic IP) pool memory leak

traffic flow to stop because the DIP allocation failed after no ports were

present.

• 02897 – The WebUI displayed the autokey IKE list incorrectly in instances

where a listing of 5, 10, 50, or 100 entries were in the list. It displayed only

20 items per instance.

• 02896 – An SA (Security Association) sometimes was visible in the wrong

Vsys in an environment where two Vsys both had non-active dialup VPNs

configured.

• 02880 – If you enabled the anti-virus option on a policy, and ran the

windowsupdate.microsoft.com utility on the policy, the utility hung and the

console displayed the Network Error page. The utility worked only when the

the policy had the anti-virus operation disabled.

• 02874 – A fail occurred when the device prevented packets with the wrong/

inactive virtual MAC address from being forwarded.

• 02853 – The WebUI inadvertently allowed adding a subinterface in

transparent mode causing the device to fail.

• 02841 – The device inadvertently displayed an inactive route as active in an

environment where two route-based VPN unnumbered tunnels mapped to

one VSI. This behavior only occurred when this VSI was assigned to the

Untrust zone that had an IBGP routing instance configured inside the

network.

• 02829 – When obtaining a traffic log using a specific IP address on an SSH

session by issuing the get log traffic | include command, the device failed.

For example, if you connected to the device using an SSH session and you

issued the following command (which contains an explicit IP address):

get traffic log | include 10.1.1.10

the device shut down and failed.

• 02824 – Custom zones incorrectly supported half the number of IP address

book and group entries than predefined zones did.

• 02823 – When applying the snoop filter with a destination IP address and

destination port, the filter did not work.

previous next