Juniper Networks 5XT Manual Do Utilizador
Juniper Networks
NetScreen Release Notes
ScreenOS 5.0.0r9-FIPS
P/N 093-1638-000, Rev. A
Page 14 of 42
whenever the device restarts and does not effect the normal operation of the
device.
device.
• 36473 – Restarting a Juniper Networks security appliance while it was
performing an operation in flash sometimes damaged the data on the device
and caused the device not to restart or to lose the configuration.
and caused the device not to restart or to lose the configuration.
• 36235 – Adding the pre-defined service entry "ANY" in a multiple service
policy sometimes resulted in a system fail.
• 36095 – You could not change the IP address of an interface if a VIP or MIP
was configured on that interface, and the VIP or MIP was used in a policy
configuration. DHCP and PPPoE could not change the interface IP address if
a VIP was configured using the same-as-interface option.
configuration. DHCP and PPPoE could not change the interface IP address if
a VIP was configured using the same-as-interface option.
• 35977 - (Juniper NetScreen-5XT only) The Juniper Networks security
appliance sometimes dropped TCP traffic because it miscalculated the length
of the tcp-syn-check.
of the tcp-syn-check.
• 35904 – (Juniper NetScreen-5GT only) Juniper Networks security
appliances needed to support two incoming IPSec keys. When the software
lifetime was in use and after the re-key was successful, the device should
have permitted traffic using older SA's to traverse the device.
lifetime was in use and after the re-key was successful, the device should
have permitted traffic using older SA's to traverse the device.
• 35735 – A root administrator could not manage the root system from a host
that resided on a virtual system.
• 35624 – If you set the negotiation mode on a 10/100 Ethernet port to Full
Duplex and configured the holddown time on the interface to less than one
second, it caused the interfaces to go up and down.
second, it caused the interfaces to go up and down.
• 35615 – (Juniper NetScreen-5GT only) Any policies within the device
indicated traffic shaping was active for the policy. Issuing a 'get policy' CLI
command displayed an "X" under the "T", for traffic shaping, in each policy.
However, issuing a 'get policy id <number>' CLI command indicated that
traffic shaping was turned "off".
command displayed an "X" under the "T", for traffic shaping, in each policy.
However, issuing a 'get policy id <number>' CLI command indicated that
traffic shaping was turned "off".
• 35528 – In an active-passive NSRP configuration, you needed to set a
manage IP on both devices to enable each device to connect to the
entitlement server and retrieve signatures.
entitlement server and retrieve signatures.
• 34279 – (For Juniper NetScreen-5000 Series) Juniper Networks security
appliances sometimes unexpectedly dropped traffic that was processed by
the CPU module and that matched a policy in which the “Diffserv” option
was enabled.
the CPU module and that matched a policy in which the “Diffserv” option
was enabled.
• 29619 – When you used the CLI to configure SCEP, you could not specify an
already defined Certificate Authority as the recipient of the certificate
requests.
requests.
• 02940 – The device sent out multiple SNMP traps associated with the same
event after you changed the source interface for SNMP operations.