Resolved Issues
Learn about the issues fixed in this release for vSRX.
- Flow-Based and Packet-Based Processing
- Intrusion Detection and Prevention (IDP)
- J-Web
- Platform and Infrastructure
- Subscriber Access Management
- Unified Threat Management (UTM)
- User Interface and Configuration
- VPNs
Flow-Based and Packet-Based Processing
-
Traffic in the power mode still passthrough when the ingress logic interface is manually disabled. PR1604144
Intrusion Detection and Prevention (IDP)
-
SRX Series devices pause when the show security idp attack attack-list policy combine-policy command is executed. PR1616782
J-Web
Platform and Infrastructure
-
Tag "RT_FLOW_SESSION_XXX" is missing in stream mode. PR1565153
-
PKID core during auto-re-enrollment of CMPv2 certificates. PR1580442
-
Getting UNKNOWN instead of HTTP-PROXY for application and UNKNOWN instead of GOOGLE-GEN in RT-FLOW close messages These messages can be seen in the RT-flow close log and these are due to JDPI not engaged for the session. This may affect the app identification for the web-proxy session traffic. PR1588139
-
During SaaS probing, due to race condition between APP entry addition and session processing, this core is seen. PR1622787
-
On SRX Series devices running DNS security, if a DGA was detected and the action in the configuration was set to permit, under rare circumstances, a log would not be generated by the device. PR1624076
-
Signature package update might fail and the AppID process might stop on SRX Series devices. PR1632205
-
On SRX Series devices running DNS Security, a dataplane memory leak might occur within the DNSF plugin when entries age-out of the DNSF cache. PR1633519
-
Application group name is not found for micro applications in CLI show output. PR1640040
-
The junos-ssl-term is not found in ssl-trace-new logs. PR1640075
-
The Packet Forwarding Engine process might pause on SRX Series devices. PR1642914
-
Certificate based VPN tunnel is not established. PR1655571
Subscriber Access Management
-
Same set of ciphers used in all 3 cipher categories low or medium or strong. PR1646260
Unified Threat Management (UTM)
-
New UTM content filtering CLI is changing from seclog to log. PR1634580
-
Modification of content filtering rule order after Junos OS release 21.4 would not have the desired effect. PR1653488
-
Web browser traffic might get blocked when matched to the content filtering rule with file-types 7z. PR1656266
User Interface and Configuration
-
In an SRX Series devices with chassis cluster and VPN configuration, primary node in cluster might generate kmd core files in a loop when a commit fails with lock can not be taken on other node followed by another commit. PR1608718