Resolved Issues

Clearpass auth entry is getting deleted post successful ISSU. PR1732210

Both primary and secondary nodes in chassis cluster go into disabled state in HA link down scenario. PR1540654

Core files are generated on both the nodes of HA cluster setup when it is upgraded to Junos OS release 21.2 and above. PR1736985

Certain video streaming services continuously buffer when safe-search and HTTP persistent mode is enabled. PR1755998

The wf_key_ng_juniper support for NG. PR1768183

The flowd process generates core files by Web filtering. PR1772232

Traffic loss is observed for the existing session if there is an update for the next-hop MAC address PR1755181

CPU utilization calculation is inaccurate. PR1756972

In a chassis cluster setup the flowd pause and SPC cards will fail. PR1761542

The GTPv2 create session response and packets might get dropped. PR1771176

The NSD process goes high on primary device when the Tenant System is configured. PR1776480

TCP sessions might get reset during MNHA traffic failover. PR1782444

The srxpfe process pause when ATP Cloud turned on. PR1783101

PMI sends packets to the wrong destination. PR1783595

Packets over GRE or IPIP or GRE(PMI) might not reach destination. PR1791633

The GTP-U packet destination port gets duplicated to the source port and subsequently discarded by policy. PR1798041

The commit might not go through when more than 128 vrf-groups for Layer 3 VPN configuration are configured. PR1802089

VXLAN session not created after committing FTI configuration on both devices. PR1807339

Update microcode to version 0x3a or later upon upgrade to Junos OS release 21.4. PR1608045

High latency will be observed while pinging to peer device. PR1714620

Transition Junos OS kernel random number generator from hashing algorithm SHA-256 to SHA-512. PR1723499

Traffic drops might be observed when a BGP session comes up after the network flap. PR1732876

SRX4100 and SRX4200 accepts the datapath-debug configuration although it does not support it. PR1739559

ISSU upgrade pause on Junos OS release 23.2 onwards. PR1739673

On SRX1500, PEM alarms are displayed due to hardware limitations to read I2C. PR1751496

ARP resolution failure for lt interfaces is observed after cluster failover. PR1753191

VM host memory exhaustion results in image installation failure and brings down the Routing Engine (RE) during the upgrade. PR1755585

DNS proxy feature not working on logical tunnel interfaces. PR1760684

Application package version shows as 0 after upgrade to FreeBSD12. PR1766132

After the device reboot JSC stops accepting user connections. PR1766594

Inter and intra VLAN traffic drops. PR1770303

DHCP server not responding to some clients. PR1770332

RE switchover observed in SRX5000 line of devices when Ethernet switchports failure scenario on SCB. PR1774760

Features utilizing inactive routes might not work properly after the device reboot. PR1774975

Traffic drop observed right after boot up on SRX4600. PR1775083

IPsec tunnel behind NAT stops passing traffic when the NAT port number or IP address changes. PR1776216

The Wifi Mini-PIM card will be down upon upgrading the device. PR1776400

Interfaces stay down when 1 G SFP fiber transceiver connected to SRX380. PR1776656

Unexpected failover will be seen when there is communication loss between CP and SPU with web-authentication or web-redirect is configured. PR1780282

IP monitoring fail to install route after HA cluster reboot. PR1780326

Junos OS and Junos OS Evolved: Impact of Terrapin SSH Attack (CVE-2023-48795). PR1781732

Chassis alarm not present for if /var partition usage exceeds 100 percent. PR1784983

Validate result is in processing state for more than 5 minutes, when the configured validator port is in incorrect. PR1786432

The flowd process pause when the TLS 1.3 session ticket is received on SSL-I. PR1788673

The srxpfe or flowd process might pause while trying to update the path probe statistics. PR1790782

The ISSU fails in Layer 2 HA cluster deployment. PR1803376

The sxrpfe and fwauthd processes pauses sometimes. PR1804149

IPsec VPN is getting flapped due to warning messages on MIST controlled devices. PR1805493

IP-IP tunnel with hostname does not work on SRX300 line of devices. PR1755011

The interfaces of secondary node might shows Link-mode: Unknown. PR1773597

The flowd process pause when the device is rebooted. PR1786822

J-Web UI cannot be launched. PR1766378

On the J-Web, edit icon under the interface is not working. PR1772267

Dynamic applications, Certificate Management, and NAT destination Page display errors. PR1784905

J-Web default session limits have been aligned with CLI default values. PR1788364

J-Web does not display address book entries properly after certain operations. PR1789466

E2E packet capture will be corrupted. PR1761928

A flowd process pause if CP receives the packets due to some hardware memory issue. PR1775880

Traffic loss due to PPM not offloading LACP. PR1779749

The chassis cluster failover is seen post ISSU. PR1784775

Insufficient power alarm observed in SRX5000 line of devices. PR1787219

FPC reboot seen on SRX Series Firewalls with SPC3 card post RG failover. PR1793262

The dfwd process generates core files on node1 when performing ISSU upgrade to Junos OS release 23.1 and more. PR1794303

DNS and NTP might not be working as expected on Junos OS release 23.3 version above. PR1795068

The srxpfe process pause when the policies referring to a dynamic-address is changed. PR1769889

Security policies might go out of sync during ISSU. PR1783249

OSPF route flap might be observed. PR1774715

SSH configuration changes do not come into affect on an existing outbound SSH client connection. PR1791814

SRX Series Firewalls with transparent mode might fail to create a new flow session for multicast traffic when VLAN has l3-interface. PR1780182

Packet and byte counters in flow session result or traffic log are not correct for traffic uses Content Security or ALG services when SRX Series Firewalls are working as Layer 2 mode. PR1787772

IPsec rekey fails when kilobyte based lifetime expires. PR1527384

ADVPN connection limit shortcut limitation not working as expected. PR1759738

In chassis cluster setup after failover AAMW status will remain in the requesting server certificate validation state on the new primary node. PR1765321

IPsec tunnels might not be established due to memory leak. PR1773276

In the MNHA scenario traffic drops are observed after failover. PR1777531

SCTP does not work correctly. PR1778106

The ikemd process pause when IKE traceoptions is configured. PR1780468

The kmd or iked process pause under rare circumstances. PR1783738

Traffic loss after deleting the traffic selector from the VPN configuration. PR1785346

Tunnel IKE and IPsec fails to come with Layer 2 HA and FIPS after switchover. PR1793207