Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Resolved Issues

Learn about the issues fixed in this release for SRX Series Firewall.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Content Security

  • The utmd process might generate core files at commit when *.* or *.*.* is configured at url-pattern. PR1715260

  • Outlook notification channel connection is not established. PR1725938

  • When SSL proxy and Web filtering are enabled in the security policy, Youtube videos will keep on buffering and will not play. As a workaround, configure the no-safe-search option at the Web filtering profile. PR1755998

Application Layer Gateways (ALGs)

  • Device stopped while processing H323 traffic in SRX Series Firewall and MX. PR1722877

  • SIP ALG not working for SIP traffic with MIME header and traffic is dropped. PR1728638

Chassis Clustering

  • Unsupported configuration for interface st0.16000-16385 is possible when using replace pattern on SRX Series Firewall. PR1731593

  • In SRX Series Firewall MNHA cluster setup the RSI takes long time to generate. PR1736498

  • BFD session fails to re-establish on SRX Series Firewall cluster mode. PR1737520

  • SRX Series Firewall dropping GTP ChangeNotificationRequest messages due to Non-zero TID/TEID. PR1750988

Class of Service (CoS)

  • The CoS scheduler map will not get attached to the sub-interface correctly when shaping-rate and scheduler-map are configured on it. PR1734013

Flow-Based and Packet-Based Processing

  • The datapath-debug packet-dump feature is not capturing the transit traffic packets. PR1727027

  • SRX5000 line of devices or SRX4600 is forwarding the traffic with previous MAC address, even though the ARP table is pointing to a new MAC address. PR1755181

  • Buffer leak when PMI sends out packet on egress interface with MTU smaller than the packet length. PR1758208

General Routing

  • On SRX4600, packet drop or a core file gets generated. PR1620773

  • 8-Port Gigabit Ethernet SFP XPIM not passing traffic after software upgrade. PR1620982

  • The DNS information is getting lost when IPCP flaps. PR1658968

  • The fxp0 interface works under disable state on SRX300. PR1661816

  • Unable to connect to domain controller on installing Microsoft KB update. PR1683420

  • The user ID entries are not synced with secondary node. PR1701990

  • Secondary node goes into disabled state after failover due to control link going down in a cluster. PR1703220

  • Interface speed stays 100 Mbps when removing speed and duplex command separately. PR1715247

  • J-flow sends wrong IP in sampling records when NAT is configured for traffic along with input sampling. PR1716707

  • OAM not working with flexible-vlan-tagging. PR1719108

  • Local route is not added in the secondary FIB on all Junos SRX Series Firewall and routes will be permanently stuck in KRT queue. PR1721032

  • Nstraced process is running high on the primary node after the Junos upgrade. PR1727122

  • Layer 2 channel error counter increases when unknown family packets received by interfaces. PR1729284

  • When there is a power outage happens after the first upgrade, the reboot device gets stuck at volume booting. PR1729671

  • The show system firmware shows available version as 0 after upgrading to BSD12 image. PR1729959

  • The DNS cache gets wiped out due to the flowd process pause on all SRX Series Firewall after the upgrade. PR1732028

  • The flowd-octeon.elf process generate core files in SRX380 cluster. PR1732378

  • The nsd process stop impacting remote access VPN on SRX Series Firewall. PR1732746

  • The intermittent core files are received when SMB protocol is enabled on AAMW policy and Packet Forwarding Engine memory is exhausted. PR1737442

  • Junos OS installation using USB can fail on SRX4600. PR1737721

  • Failover can be seen on SRX5000 line of devices with SPC2 cards while executing RSI. PR1738188

  • The minor autorecovery information needs to be saved alarm is not displayed after zeroize. PR1738271

  • Traffic drop caused by Packet Forwarding Engine memory leak on SRX Series Firewall. PR1738656

  • Memory leak in PKID process. PR1739342

  • Random physical interfaces doesn't come up after a reboot. PR1739520

  • SRX4100 and SRX4200 accepts the datapath-debug configuration although it does not support it. PR1739559

  • Processing a TWAMP packet and terminating the TWAMP session might generate core files in a corner case scenario. PR1739733

  • The flowd process pause might be observed. PR1743107

  • Commit panic reboot observed after implementing system processes watchdog timeout 180 on SRX Series Firewall. PR1744108

  • Add FQDN-name counter in the show services user-identification identity-management status output. PR1745588

  • SRX4600 misleading fan speed syslog output after removing or inserting one fan tray unit. PR1748971

  • SRX Series Firewall will take time to come up in HA or device will go down in standalone setup. PR1749584

  • SPC3 PIC stops. PR1749830

  • Large TLS1.3 session tickets to an SRX SPC3 device result in srxpfe process pause. PR1752678

  • The flowd process stops due to memory stress. PR1753540

  • Users authenticated through captive portal experience a noticeable delay of atleast 2-to 5 minutes. PR1755593

  • AAMW hyper scan goes to lock state during reload. PR1757794

  • The set system license log-frequency time-interval command does not work. PR1766874

  • ARP is not getting resolved. PR1768050

Intrusion Detection and Prevention (IDP)

  • Multiple network issues are seen after the upgrade with lower IDP packet-log total-memory percentage. PR1741887

J-Web

  • The process httpd stops on SRX Series Firewall. PR1732269

  • Editing security policy configuration via J-web is enabling "Exclude Selected" unexpectedly. PR1735314

  • Junos OS: EX and SRX Series: A PHP vulnerability in J-Web allows an unauthenticated to control important environment variables (CVE-2023-36845) PR1736942

  • Certificate Management issues. PR1738316

  • Cannot add custom defined security address-book under Security Policies Objects > Security Policies > Create > Source Zone > Select Sources. PR1748078

  • Junos OS upgrade from J-Web returns "failed" in each step. PR1755072

Layer 2 Ethernet Services

  • Delay in getting IP through DHCP cause traffic loss. PR1752804

Network Address Translation (NAT)

  • The nsd process stops when ISSU is performed on the cluster. PR1724777

Platform and Infrastructure

  • The message "kernel: %KERN-6: ARP UNICAST MODE 0; retrans_timer - 8" might be seen when commit command is run for configuration which is not related to ARP. PR1735686

Routing Policy and Firewall Filters

  • Traffic impact is observed when the security policy is configured with a huge number of addresses and on addition and deletion of these policies. PR1725567

Routing Protocols

  • BFD session for BGP remains down in a specific scenario. PR1738074

  • Junos OS and Junos OS Evolved: A BGP session will flap upon receipt of a specific, optional transitive attribute (CVE-2023-0026) PR1739919

  • RPD scheduler slip is observed when the BGP session flaps and subsequent configuration changes for the same peer. PR1742416

  • When BGP is configured in routing-instance of type virtual-router, default MPLS table is being created for that virtual-router, unexpectedly. PR1742513

User Interface and Configuration

  • The mgd process might stopdue to stack overflow on high scale address configuration. PR1741413

VLAN Infrastructure

  • On SRX Series Firewall working as Layer 2 mode, packet and byte counters in flow session result or traffic log were not correct for traffic uses UTM or ALG services. PR1787772

VPNs

  • IPsec VPN does not come up in NAT-T scenario. PR1745174

  • Error seen while clearing ike statistics in secondary node. PR1748531