Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Known Limitations


This section contains the known behaviors, system maximums, and limitations in hardware and software in Junos OS Release 18.4R3 for vSRX.

Application Security

  • With AppFW configured, the HTTP CPS is 60,000. The expected HTTP CPS is 70,000. PR1339131

Interfaces and Routing

  • TCP and ICMP RPM probes take the best-effort queue of the outgoing interface in NFX3, instead of the network control queue. PR1329643

  • With vSRX 3.0 on KVM using X710 or XL710 SR-IOV for revenue interfaces, you cannot configure VLAN tagging within Junos OS because of an i40e host driver limitation. PR1378774

  • In vSRX deployments using VMware ESX, changing the default speed (1000 Mbps) or the default link mode (full duplex) is not supported on VMXNET3 vNICs.

Platform and Infrastructure

  • vSRX3.0 boot loop in Openstack environment when the watchdog device is enabled and set to “reset”. PR1466119

vSRX Limitations in Junos Space Security Director Integration with vSRX

The following vSRX features are not supported in Security Director:

  • Application QoS (AppQoS)

  • Layer 2 transparent mode

  • Specific Security Director limitations with respect to application firewall (AppFW), IDP, and UTM features:

    • UTM database updates are not supported.

    • Application identification (AppID) custom signatures are not supported.

  • The following vSRX features are not supported in Junos Space Security Director for IPsec and routing features:

    • Certificates for AutoVPN must be generated from the CLI.

    • All other IPsec settings can be configured using Junos Space Security Director.