Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Resolved Issues, Features, and Limitations (Patch-Wise)

 
Summary

This section lists the issues fixed in Steel-Belted Radius Carrier 8.6.0. For the most complete and latest information about resolved issues, use the Juniper Networks online Problem Report Search application.

Notations Used to Indicate resolved PRs

  • SBR_64_LINUX—64 bit version of SBR on Linux Platform Only.

  • SBR_64_SOLARIS—64 bit version of SBR on Solaris Platform Only.

  • SBR_64—Fix applicable for 64 bit version of SBR on both platforms i.e., Solaris and Linux.

Note

If there is no notation at the end of PR title, it indicates the resolution is applicable or available on ALL the SBR 8.6.0 Releases of the tagged patch release.

PRs fixed in patch R15

  • User-names with non-printable characters appended are accepted by SQL Auth. PR1481161

  • Native user with single quotes is not getting deleted in SBR GUI. [** Fix is available in full build only.**] PR1527957

  • Description of proxy realms is incomplete. [** Fix is available in full build only. Please refer the NOTES Section of SBR 8.6.0 R15 (36) for more information **] PR1499704

  • SBR Carrier Core dumps when enhanced EAP logging is enabled. PR1599169

  • “Current Sessions Count" showing strange values after applying SBR 8.6.0 R14 patch . [** Impacted for SBR 8.6.0 R14 patch applied variants on RHEL 7 only. The fix is NOT applicable for SBR 8.6.0 R14 Full build installed on RHEL8.1.**] PR1603537

  • Session Control script client connection to SBR results in TLS Handshake failure. -- [** Fix is available in full build only.**] PR1602482

  • Support of 5G AVP's Core-Network-Restrictions (1704),UE-Usage-Type (1680) and Interworking-5GS-Indicator (1706) in SWm interface. – [ ** Fix is available in full build only.Please refer the NOTES Section (37) for more information **] PR1608897

  • radiusd watchdog fails to properly start on RHEL 7 and 8. -- [** Fix is available in full build only.**] PR1612225

  • radius process frequently disconnects from data nodes when Geo-redundancy is enabled. PR1615299

  • GeoRedundency Replicated Session Doesn't get Deleted via GUI and CLI. -- [** Fix is available in full build only.**] PR1583511

  • SBR Geo Redundancy Replication Messages are not being Parsed Properly On Solaris Platform. PR1585124

PRs fixed in patch R14

  • jnprsnmpd process high memory usage. [** The fix is available in both the patch and full builds for RHEL7.X and Solaris 11.3, and available in the full builds *only* for RHEL 8.1 and Solaris 11.4. **]. PR1566472

PRs fixed in patch R13

  • Sessions authenticated by proxy module are not counted toward concurrency login limit. -- [** Fix is available in full build only . Please refer NOTES SECTION (22) for more information.**]. PR857901

  • LCI returns incorrect information for any RAS client. PR1219722

  • radius process crashes when both WiMAX module and JavaScript filters are configured. PR1349575

  • Support for the Terminal-Information AVP added for Diameter SWm, STa interfaces. -- [** Fix is available in full build only.**] PR1424137

  • Concurrency ID enhanced to support greater differentiation among plug-ins for login limit calculation and logging. -- [** Fix is available in full build only. Please refer NOTES SECTION (27) for more information.**] PR1468996

  • Static accounting SNMP traps are not available for realm-based static accounting. -- [** Please refer NOTES SECTION (23) for more information.**] PR1481402

  • JavaScript performance degraded with JSEngineRuntimeMemory = 32. -- [** Fix is available in full build only. Please refer NOTES SECTION (24) for more information.**] PR1491312

  • SBR incorrectly reports that SWx response did not contain an Origin-Host.-- [** Fix is available in full build only. **] PR1527254

  • radius process crashed due to worker thread stack size. -- [** Fix is available in full build only. Please refer NOTES SECTION (25) for more information.**] PR1531129

  • 9s6C Signalware Upgrade Support for RHEL 7. -- [** Please refer NOTES SECTION (26) for more information.**] PR1531990

  • A default value for acct-session-id is stored in the SSR for authentication requests and may cause subsequent requests to be rejected if GenerateUniqueId = acct-session-id-plus-nas is configured. PR1533255

PRs fixed in patch R12

  • The Redirect-Host AVP is not formatted as a Diameter URI in DEA responses. PR1513175

  • Webserver fails to start when using a custom SSL certificate imported with the configure script. PR1529095

PRs fixed in patch R11

  • Optimization of proxy attribute mapping. PR1451291

PRs fixed in patch R10

  • Accounting response is received even if the smart static accounting realm does not respond and is set to Primary in the proxyrl.ini configuration file. -- [** Please refer to the Notes section (16) for more information. **] PR1478650

  • The attributes related to Diffie-Hellman parameters are incorrectly logged in the RADIUS log file. PR1443456

PRs fixed in patch R9

  • Authentications are rejected when JavaScript data conversion fails . -- [** Fix is available in full build only . Please refer NOTES SECTION (14 and 15) for more information.**] PR1090357

  • The authReport reject log message for rejects due to exceeding the concurrency limit is "Unavailable" in cluster environment instead of “User usage limit exceeded”. PR1476776

PRs fixed in patch R8

  • Some MIB files are missing from installation. -- [** Fix is available in full build only **]. PR1483957

  • JDBC .jar files are not collected by SIR.sh script. -- [** Fix is available in full build only **]. PR1482494

  • Legacy clients that require unsupported weak cipher suites fail EAP authentication. -- [** Please refer the NOTES SECTION (12,13) for more information **]. PR1492338

  • Add support for Oracle 19C. -- [** Fix is available in full build only **]. PR1479994

  • Framed-IP-Address not returned in accept when Framed-IPv6-Address is returned from profile. PR1489520

PRs fixed in patch R7

  • Some MIB files are missing from installation. -- [** Fix is available in SBR_64_LINUX full build only **] PR1483957

  • JDBC .jar files are not collected by SIR.sh script. -- [** Fix is available in SBR_64_LINUX full build only **] PR1482494

  • Legacy clients that require unsupported weak cipher suites fail EAP authentication. -- [** Fix is available in SBR_64_LINUX only. Please refer the NOTES SECTION (12,13) for more information **] PR1492338

Note

The SBR 8.6.0.R-7.51589 Full Build and 8.6.0.R-7 Patch are supported only on Linux Platforms.

PRs fixed in patch R6

  • UDP Ports 2000 and 2002 are bound even if DIAMETER is not licensed. PR1293117

  • The Funk-Peer-Cert-Subject is populated from the client issuer field rather than the client device field. PR1476888

  • Added support to collect .eap configuration files in SIR.sh script. -- [** Fix is available in full build only **] PR1476836

  • SSL Record Layer tracing for Enhanced EAP Logging is not supported for TLS version 1.2. -– [**Please refer the NOTES SECTION (11) for more information **] PR1219412

  • Framed-Interface-ID attribute from accounting request overwrites Framed-IP-Address in CST. PR1469389

PRs fixed in patch R5

  • SBR auth reject report logs error code AUTH_ERR_004 instead of error code AUTH_ERR_048 when configured max-concurrent value is exceeded. PR1474738

  • SBR logs error code "AUTH_ERR_004" instead of error code "AUTH_ERR_048" for EAP NAK received. PR1475213

  • SBR logs AUTH_ERR_004","Unable to find user with matching password" instead of "AUTH_ERR_048","Unavailable" when DHCP pool IP-Addresses are unavailable. PR1475534

  • MySQL Password Stored in Global Configuration File. -- [** Fix is available in full build only. Please refer the NOTES SECTION(9) for more information **] PR1263109

  • To extend the trusted root certificate expiration time. -- [** Please refer the NOTES SECTION(10) for more information **] PR1468555

  • Wrong UDP port number is logged in authentication/accounting response from SBR. PR1457895

  • SBR with Net SNMP 5.8 generates "Cannot find module" logs in snmpd logfile. -- [** Fix is available in full build only **] PR1475784

PRs fixed in patch R4

  • Incorrect value recorded to CST Ipv4Address field. -– [**Please refer the NOTES SECTION (7) for more information **] PR1465028

  • Enhanced the reject logging for TTLS for invalid username and noUserNameProvided. -– [**Please refer the NOTES SECTION (8) for more information **] PR1468597

PRs fixed in patch R3

  • Double and single quotation marks are not escaped in CSV-style logs. PR1463491

  • SBR may core if reject logging enabled. PR1460377

  • UTF-8 multi-byte characters may be logged incorrectly. -- [** Fix is available in full build only **] PR1463693

  • Two new items added to reject logging for TTLS. -– [**Please refer the NOTES SECTION (4) for more information **] PR1459297

  • SBR may reset after receiving a malformed VSA in a RADIUS packet.-– [**Please refer the NOTES SECTION (5) for more information **] PR1458584

PRs fixed in patch R2

  • SBR cores when tracelevel is set to 2 for Proxy COA Disconnect triggered from Proxy Target. PR1457614

  • 9SP6A Signalware Upgrade for Linux. -- [** Fix is available in SBR_64_LINUX build only. Please refer the NOTES SECTION (1 to 3) for more information **] PR1459287