Known Limitations

CLI

• On Microsoft Azure deployments, SSH public key authentication is not supported for vSRX 3.0 CLI and portal deployment. PR1402028

• On a vSRX3.0 instance running on Azure, there might be one more IP address 10.1.1.1 configured on fxp0 intermittently besides the IP address assigned by DHCP, which causes a CLI upgrade failure. PR1461678

Flow-Based and Packet-Based Processing

• When traffic flow is high (throughput of 2 Gbps or more), we do not recommend that you reboot a vSRX 3.0 virtual machine (VM) running Hyper-V on Windows Server 2016. The vSRX 3.0 VM might stop responding during the boot process. We recommend that you schedule a reboot or an upgrade when there is no traffic. To recover the vSRX 3.0 VM after it stops responding, restart the instance after the traffic stops. PR1394792

J-Web

• The CA profile group imported using J-Web is not populated in the Certificate Authority Group initial landing page grid, but all the CA profiles of a group are populated on the Trusted Certificate Authorities landing page. PR1426682

• When a dynamic application is created for an edited policy rule, the list of services is blank when the Services tab is clicked and then the policy grid is autorefreshed. As a workaround, create a dynamic application as the last action while modifying the policy rule and click the Save button to avoid loss of configuration changes made to the policy rule. PR1460214

Unified Threat Management

• vSRX and vSRX 3.0 platforms with memory less than 8 GB memory do not support HA on-box AV light mode or heavy mode. PR1454623

vSRX Limitations in Junos Space Security Director Integration with vSRX

• Application QoS (AppQoS)

• Layer 2 transparent mode

• UTM database updates are not supported.

• Application ID (AppID) custom signatures are not supported.