Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Known Limitations


Learn about known limitations in this release for vSRX. For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.


  • On Microsoft Azure deployments, SSH public key authentication is not supported for vSRX 3.0 CLI and portal deployment. PR1402028


  • The CA profile group imported using J-Web is not populated in the Certificate Authority Group initial landing page grid, but all the CA profiles of a group are populated on the Trusted Certificate Authorities landing page. PR1426682

  • The country logo does not appear on the Threats Map page and the Events page for some countries. The time slider is not displayed properly on Screen/ATP/Security Intelligence events pages. PR1435124

Platform and Infrastructure

  • When the traffic flow is high (throughput of 2 Gbps or more), reboot of vSRX 3.0 running with Hyper-V on Windows Server 2016 is not recommended. The vSRX 3.0 VM might hang during the boot process. We recommend that you schedule a reboot or an upgrade when there is no traffic. As a workaround, to recover the vSRX 3.0 VM, restart the instance again when the traffic stops. PR1394792

  • vSRX 3.0 has a disk shortage issue when the server has less than 10 percent free disk space. The I/O rate is slow when the Hyper-V server disk runs out of storage. This causes vSRX 3.0 to stop, because it treats the disk as unreadable. To avoid this issue, we suggest that you leave more than 10 percent of disk space free on the Hyper-V server. PR1405808

  • vSRX 3.0 does not currently support the watchdog device i6300esb. As a result, in Openstack the watchdog setting should be kept disabled (hw:watchdog_action=disabled). PR1466119

vSRX Limitations in Junos Space Security Director Integration with vSRX

The following vSRX features are not supported in Junos Space Security Director:

  • Application QoS (AppQoS)

  • Layer 2 transparent mode

Specific Security Director limitations with respect to Application Firewall (AppFW), IDP, and UTM features:

  • UTM database updates are not supported.

  • Application ID (AppID) custom signatures are not supported.

In Junos Space Security Director for IPsec and routing features—Certificates for AutoVPN must be generated from the CLI. All other IPsec settings can be configured using Junos Space Security Director.