Juniper Networks 5XT Manual Do Utilizador
Juniper Networks
NetScreen Release Notes
ScreenOS 5.0.0r9-FIPS
P/N 093-1638-000, Rev. A
Page 15 of 42
• 02926 – The number of syslog messages sent per second from the Juniper
Networks security appliance were being limited by an internal process.
• 02924 – SMTP (Simple Mail Transfer Protocol) queued emails on Microsoft
Outlook 2003 clients timed out when a policy had the anti-virus option
enabled because you could not perform more than one SMTP transaction
within one session.
enabled because you could not perform more than one SMTP transaction
within one session.
• 02909 – Embedded ICMP caused the DIP (Dynamic IP) pool memory leak
traffic flow to stop because the DIP allocation failed after no ports were
present.
present.
• 02897 – The WebUI displayed the autokey IKE list incorrectly in instances
where a listing of 5, 10, 50, or 100 entries were in the list. It displayed only
20 items per instance.
20 items per instance.
• 02896 – An SA (Security Association) sometimes was visible in the wrong
Vsys in an environment where two Vsys both had non-active dialup VPNs
configured.
configured.
• 02880 – If you enabled the anti-virus option on a policy, and ran the
windowsupdate.microsoft.com utility on the policy, the utility hung and the
console displayed the Network Error page. The utility worked only when the
the policy had the anti-virus operation disabled.
console displayed the Network Error page. The utility worked only when the
the policy had the anti-virus operation disabled.
• 02874 – A fail occurred when the device prevented packets with the wrong/
inactive virtual MAC address from being forwarded.
• 02853 – The WebUI inadvertently allowed adding a subinterface in
transparent mode causing the device to fail.
• 02841 – The device inadvertently displayed an inactive route as active in an
environment where two route-based VPN unnumbered tunnels mapped to
one VSI. This behavior only occurred when this VSI was assigned to the
Untrust zone that had an IBGP routing instance configured inside the
network.
one VSI. This behavior only occurred when this VSI was assigned to the
Untrust zone that had an IBGP routing instance configured inside the
network.
• 02829 – When obtaining a traffic log using a specific IP address on an SSH
session by issuing the get log traffic | include command, the device failed.
For example, if you connected to the device using an SSH session and you
issued the following command (which contains an explicit IP address):
For example, if you connected to the device using an SSH session and you
issued the following command (which contains an explicit IP address):
get traffic log | include 10.1.1.10
the device shut down and failed.
• 02824 – Custom zones incorrectly supported half the number of IP address
book and group entries than predefined zones did.
• 02823 – When applying the snoop filter with a destination IP address and
destination port, the filter did not work.