Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Open Issues

Learn about open issues in this release for vSRX.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • On Junos SRX5600 and vSRX3 platforms while upgrading from an older JUNOS version to 22.4R3-S1 or 22.4R3-S2, the upgrade process can fail as the rpd crashes as part of validation process. This is seen if the router config has Multicast/Internet Group Management Protocol (IGMP) or Broadband Edge configuration.PR1810817

  • Found that for this tenant_id : s3idh8g4cbe4p5pk we had 64 feeds in SecProfiling category, but only 19 feeds are stored in CDB - secintel_feeds. Because of this only 19 feeds were listed on UI. But while creating a new feed, it is checking if new SecProfiling feeds can be created for the tenant_id in schedule DDB table . Since we have already 64 (which is the max number of feed per tenant)feeds in DDB table, it throws an error - Feed creation error: Feed count limit(64) reached for category: SecProfiling. After running the scripts to create feeds, we need to have scripts to delete the feeds from DDB too so that the data will be accurate during testing. I have removed unwanted entries from DDB table(Now only 20 feeds for the tenant). From now new feeds can be created for Adaptive Threat Profiling sectionPR1819444

  • As per OpenSSH 9.0/9.0p1 release notes: "This release switches scp(1) from using the legacy scp/rcp protocol to using the SFTP protocol by default." In this case, since we are running OpenSSH 9.0 and above- OpenSSH_9.7p1 , this uses the "SFTP" protocol by default when scp command is invoked from shell. However, vSRX3.0 supports the "SCP" protocol by default when scp command is invoked. So to use the legacy "SCP" protocol from shell, please use the -O command line option For example: scp -O other options/arguments Note: Incoming SCP connections from outside hosts that are running OpenSSH version 9.0/9.0p1 could fail since sftp-server is disabled by default in Junos OS . Hence, users should either use the -O option on remote host while initiating scp file transfer OR enable sftp-server in the Juniper configuration. To enable sftp-server in Juniper configuration, use the following hierarchy: "set system services ssh sftp-server"PR1827152

  • On SRX3xx series configured with native-vlan-id, after upgrading an SRX3xx series device to Junos version 23.4R1 or higher, the native-vlan-id option disappears from the interface settings. If native-vlan-id was set before the upgrade, the device keeps the setting but it doesnt apply it to the interface. Trying to delete native-vlan-id causes a syntax error. The native-vlan-id feature doesn't work, and if a custom VLAN ID (other than 1) was used then traffic for that VLAN will be affected.PR1847366

Network Address Translation (NAT)

  • The existing RSI misses out on few important information from NAT plugin, which can now be collected via a new RSI CLI command - "request support information security-components nat". This will provide more data and help in better debugging.PR1825372