Resolved Issues
Learn about the issues fixed in this release for SRX Series.
Chassis Clustering
-
MSISDN prepended with additional digits in the logs. PR1646463
-
Failover might not happen correctly in a chassis cluster when there is a hardware issue with the Central Point. PR1651501
-
In the MNHA SRG scenario on the IPv6 switching mode, not using Virtual MAC as the source MAC address for G-NDP. PR1670309
-
GTP control packets might be incorrectly dropped or passed if there is more than one APN IMSI filter configured. PR1673879
Flow-Based and Packet-Based Processing
Interfaces and Chassis
-
The redundant Ethernet1 interface down and DCD generates cores files on node1. PR1657021
Intrusion Detection and Prevention (IDP)
-
The flowd process might generate core files when IDP policy rulebase changes. PR1657056
J-Web
Platform and Infrastructure
-
Syslog message %AUTH-3: warning: can't get client address: Bad file descriptor is displayed at J-Web login. PR1581209
-
Juniper Secure Client traffic gets dropped during reaching JSC installed client from server behind gateway in TCP path finder enabled VPN gateway. PR1611003
-
VPLS interface fails to forward traffic on SRX Series devices. PR1611400
-
Execute RSI on SRX5000 line of devices with IOC2 card installed may trigger data plane failover. PR1617103
-
Traffic might be dropped due to the TX queue memory leak on PCI interface. PR1618913
-
The PKID process stops due to null pointer dereferencing during local certificate verification in some cases. PR1624844
-
A major alarm DPDK Tx stuck issue of SRX4100 and SRX4200 devices. PR1626562
-
The show commands to display DNS cache summary, display only DNS cache C2 entries and display only DNS cache benign entries are needed. PR1631002
-
On Junos platforms kernel panic might be seen during the boot sequence. PR1638923
-
The junos-ssl-term is not found in ssl-trace-new logs. PR1640075
-
Traffic might be dropped due to the RX queue being full. PR1641793
-
Observing Error usp_ipc_client_recv_:ipc_pipe_read() due to core file,when checking show security monitoring CLI command. PR1641995
-
The flowd process might stop when back to back sigpack is updated at the time of stress traffic. PR1642383
-
On Juniper Secure Connect the remote-access-juniper-std license not getting freed up while disconnect or reconnect after RG0 failover. PR1642653
-
The IMAP or IMAPS email permitted counter is not incremented in AAMW email statistics. PR1646661
-
The severity of AAMW and SMS control and submission channel alarms have been reduced from major to minor to avoid triggering a chassis cluster failover in the event of an upstream network issue. PR1648330
-
Unable to get the firewall-authentication users details on node 1. PR1651129
-
SMB file submissions to ATP cloud failed. PR1653098
-
The control link might not come up during the reboot. PR1654838
-
Certificate based VPN tunnel is not established. PR1655571
-
The fxp0 interface might remain UP when the cable is disconnected. PR1656738
-
When service-set is configured with syslog and SSL, mspmand process might generate core files and might cause traffic disruption. PR1657027
-
Radius responses that take longer than 15 seconds can cause SRX Series devices to declare authentication failure. PR1658833
-
The configuration might roll back after performing commit confirmed and then reboot. PR1659783
-
Cache miss counter increments twice instead of one. PR1663678
-
SRX alarming SMS control channel down without SMS feature configured. PR1666420
-
Information about users groups is not displayed completely. PR1673125
-
The flowd process might stop when AAMW encounters a memory leak PR1675722
Routing Policy and Firewall Filters
-
The utility monitor security packet-drop now correctly reports policy-related drops for unified policy. PR1576150
-
Security policy state may be invalid on SRX Series devices. PR1669386
-
The rpd process might stop before software upgrade. PR1670998
-
SRX stops refreshing the FQDNs used in the security policies and NAT. PR1680749
Routing Protocols
Unified Threat Management (UTM)
User Interface and Configuration
-
The gethostbyname: hostname lookup failure is displayed during commit. PR1673176
VPNs
-
Fragmented packets might drop when PMI is enabled. PR1624877
-
Tunnel bringing up failed from strongswan when changing the configuration IKE in VR and observed the NO_PROPOSAL_CHOSEN notify error message. PR1627963
-
Severity is unknown at some IPsec syslog messages. PR1629793
-
Whenever SNMP get request is performed with multiple OIDs and a few OID requests are for invalid tunnels. PR1632932
-
IPsec tunnel might stop processing traffic. PR1636458
-
The IPsec tunnel through IPv6 might not establish after rebooting SRX Series devices. PR1653704
-
The Juniper secure connect VPN users may face login issues intermittently. PR1655140
-
The device enabled with FIPS mode and rebooted the system fails to boot. PR1655355
-
Packets traversing through a policy-based VPN get dropped when PMI is enabled. PR1663364
-
The IPsec tunnels may flap on SRX Series devices. PR1665332
-
The control plane CPU utilization might reach 100% while KMD process stuck after core files generated on SRX345 device. PR1673391