Juniper Networks 5XT User Manual
Juniper Networks
NetScreen Release Notes
ScreenOS 5.0.0r9-FIPS
P/N 093-1638-000, Rev. A
Page 20 of 42
• 02333 – When a device attempted to block files with a .exe extension, it
incorrectly blocked files with .zip extensions.
• 02326 – A device incorrectly created sessions if the IP address had a unicast
destination while the destination MAC address had a multicast destination.
• 02298 – Commands related to NHTB (Next Hop Tunnel Binding) did not run
when you used a blank character when creating a tunnel name for NHTB.
• 02297 – An anti-virus scan dropped connections with selected HTTP and
HTTPS sites.
• 02116 – When the lifetime of an IKE Phase 2 SA (Security Association)
reached a threshold defined by the soft lifetime buffer, a Phase 1 rekey and a
delete notification for the P2 SA was generated after the P1 rekey.
delete notification for the P2 SA was generated after the P1 rekey.
• 02026 – When a device attempted to contact a RADIUS server and the
server was unavailable, the device corrupted the server reply after it was
stored in device memory.
stored in device memory.
• 02024 – When a device contacted a RADIUS server for authentication while
the server was performing many RADIUS authentications, the device
corrupted the server reply after it was stored in device memory.
corrupted the server reply after it was stored in device memory.
• 01957 – The WebUI did not contain the ISP connection Test button under
the Configure column in the ISP screen because a previous revision of
ScreenOS was released with the button removed. The button now appears in
this location.
ScreenOS was released with the button removed. The button now appears in
this location.
• 01822 – A Juniper NetScreen-5000 device incorrectly sent packets from an
inactive VSI (Virtual Security Interface). The device now first considers
whether a VSI is active before it sends packets from it.
whether a VSI is active before it sends packets from it.
• 01862 – After upgrading a Juniper NetScreen-5400 to ScreenOS 4.0.1-
SBR.2a2, the get ip-classification command displayed incorrect data for IP
classifications currently on the device.
classifications currently on the device.
• 01782 – A hidden command incorrectly dropped an incoming packet to a
Juniper NetScreen-5000 device when an ARP entry was not present on the
device. The device now responds properly to an incoming packet when no
ARP entry is present, placing the packet in a queue of other packets and
forwarding it after six seconds.
device. The device now responds properly to an incoming packet when no
ARP entry is present, placing the packet in a queue of other packets and
forwarding it after six seconds.
• 01779 – The Track-IP operation in an Active-Active setup on an HA pair of
Juniper NetScreen-5000 devices incorrectly selected an outgoing interface in
a random manner.
a random manner.
• 39499 – The CPU utilization on a device increased by 10 percent if the device
could not connect to the Security Manager Device Server.