Resolved Issues

Junos OS: SRX 5000 Series: Upon processing of a specific SIP packet an FPC can crash (CVE-2023-22408) PR1658604

SIP 200 OK(INVITE) response packets are dropped leading to SIP Call failure PR1677554

SIP calls are getting dropped due to NAT failure and SIP ALG is enabled PR1686613

Policy configured with condition route-active-on import is not working properly after RG0 failover. PR1686648

Chassis cluster IP monitoring on the secondary node failed after the system reboot on the SRX platforms. PR1691071

GTPv2 message filtering not working. PR1704472

"show interfaces queue interface" command output not correctly displaying bps values for throughput higher than 4.25Gbps PR1596172

22.2R1:SRX5K:SD-WAN: To track RE and PFE sync issue with NAT configs and closed scan session counter issue PR1661796

In SD-WAN the association between VRF instance and VRF group fails for ISSU from 19.2~21.1 to 22.2R1 PR1661935

The flow sessions traversing the IOC2 card would time out early when Express Path is enabled PR1688658

SOF was incorrectly offloading short-lived flows leading to early exhaustion of NP memory, reducing overall device performance PR1692100

The PMI mode IPSEC tunnel on SRX4100/4200/4600, vSRX, and SRX5K with SPC3 card will core when the route is changed frequently PR1705996

All the security policies on Junos SRX platforms can get deleted while trying to delete any particular policy via J-Web PR1681549

MNHA: Incorrectly a warning is thrown at commit check for Source NAT config when the source-address or destination-address of the NAT rule is set as 0.0.0.0/0 PR1699407

High logging rate may cause 'eventd' to increase RE CPU utilization PR1661323

SMS Channel Down alarm on primary node of HA pair after upgrade PR1629972

21.3R2:SRX_RIAD:srx1500,srx4200:SKYATP:IMAP/IMAPS Email permitted counter is not incremented in AAMW email statistics while testing whole email block. PR1646661

Packet loss might be seen on SRX4100 and SRX4200 devices from 20.2R2 PR1650112

Split tunneling feature will not work PR1655202

Archived files created by non-root users may not include some files PR1657958

SRX4600 platforms in split brain scenario post ISSU PR1658148

show fwauth user details is not displaying group information PR1659115

PR : monitored IP addresses for a redundancy group are reachable despite removing the redundant Ethernet interface from a zone PR1668532

Traffic loss seen due to SPC3's packets getting stuck PR1671649

VPN tunnel will not be established in exclusive client scenario PR1674522

Netbios traffic (IRB broadcast) is getting dropped post upgrade on the SRX platform PR1675853

PKID process crashes when validating the certificate chain of a certificate PR1679067

Dial-on-demand mode on the dialer interface is not working as expected PR1680405

"%DAEMON-4: Set system alarm failed: Operation not supported by device" message is seen on high end SRX PR1681701

SRX4600HA might not failover properly due to a hardware failure PR1683213

"NSD_CLEAR_POLICY_DNS_CACHE_ENTRY_IP" log is not found on the device after keeing DNS cache entry unchanged PR1684268

The cluster fabric link will be down post reboot of node or power cycle PR1684756

The user authentication page is not rendering on the client browser PR1685116

unexpected default event-rate value for event mode logging PR1687244

The chassis cluster will not respond to DNS queries when configured with DNS proxy service PR1688481

The system may crash when Jflow inactive timeout is configured to be less than 'previous flow-inactive-timeout + 180' seconds PR1688627

SNMP MIB walk for jnxBoxDescr OID returns incorrect value PR1689705

SRX cluster may fail in a rare scenario when node status changes to disabled state without going through the ineligible state PR1692611

Fabric monitoring suspension and control link failure may cause HA cluster outage PR1698797

The process srxpfd/ flowd will crash on SRX devices PR1694449

SRX stops refreshing the FQDNs used in the security policies and NAT PR1680749

High CPU is seen on the platforms running IPv6 PR1677749

IPSec tunnel will flap post MNHA configuration commit PR1669104

Traffic Stops when the mac address of a node changes in L2 secure-wire SOF PR1597681

OSPF neighbor won't establish under Transparent mode when neighborship across different zone PR1599891

Traffic over IPSec tunnels may be dropped during ISSU PR1416334

19.2TH:VPN:SRX5600: While verifying "show security ipsec next-hop-tunnels" output in device the IPsec SA and NHTB entry is not getting cleared after configuring firewall filter PR1432925

Packets traversing through a policy-based VPN get dropped when PowerMode is enabled PR1663364

The kmd crash is seen if the external-interface is empty in the IKE gateway configuration PR1664910

Master-encryption-password is not accessible when system is in FIPS mode PR1665506

VPN traffic loss is seen after HA node reboot while using traffic selectors PR1667223

High Control Plane CPU utilisation while the kmd process is stuck after the core file PR1673391

22.4R1:SRX_RIAD:srx5600:MN_HA:ike cookies didn't change in rekey lifetime expire cases after manual failover PR1690921