Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Open Issues

Learn about open issues in this release for SRX Series Firewalls.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Chassis Clustering

  • MNHA Conn State and ICL are down after 48+ hours of device being up with background traffic due to BFD flaps at regular intervals. PR1822662

Content Security

  • Core can occur if we configure large number of custom categories. PR1841370

Platform and Infrastructure

  • On SRX5000 line of devices, if vmcore is initiated for XLP PIC, the vmcore process stops.PR1811765

General Routing

  • Misleading syslog message "L2CKT/L2VPN acquiring mastership for primary" though no VPN or Layer 2 circuit configured on the router. PR1105459

  • On Junos SRX5400, SRX5600, SRX5800 and SRX4600 devices, packet drops might be observed while services-offload is enabled.PR1702138

  • For case when input traffic is more and output traffic is expected equal to maximum capacity of egress interface, set the shaping explicitly equal to interface maximum capacity if default shaping does not work. PR1712964

  • On SRX380 or SRX550 devices when different Native-VLANs are configured on the trunk interfaces between devices, packet drop is observed. PR1750521

  • Additional logging has been added to the primary Routing Engine. PR1787608

  • Configuring a master-password on an SRX Series Firewalls in a peer-synchronize configuration. PR1805835

  • If wget is used for access to SRX Series Firewalls, the firewall-auth captive portal, use wget-1.14 or later versions. PR1810341

  • On Junos SRX5600 and vSRX3 platforms while upgrading from an older Junos OS version to 22.4R3-S1 or 22.4R3-S2, the upgrade process can fail as the rpd stops responding as part of validation process. PR1810817

  • MACSec is supported in routing mode but not in transparent mode. PR1812427

  • On SRX1500 platform, large IP packets of size 1497 to 1500 bytes might be dropped when using ethernet-switching and trunk ports. PR1813536

  • SCP from shell now uses SFTP protocol by default, use -0 for legacy scp protocol. PR1827152

  • Link aggregation does come up with flexible vlan tagging enabled on aggregated port. PR1838033

  • With MVRP enabled vlan learning and assignment not happening. PR1839275

  • On some occasions vlan programming in hardware can go missing. Due to this forwarding of packets across ports in vlan might not happen. PR1841831

  • After upgrading the SRX300 line of devices to Junos OS release 23.4R1 and above, the Native-vlan-id option is missing under interface hierarchy and gives syntax error. PR1847366

  • The commit command fails when the speed of XE interfaces is downgraded using a Small Form-factor Pluggable (SFP) module, causing a speed mismatch with the aex.PR1851261

Routing Protocols

  • Loading ROAs from a source-file was a feature introduced. PR1853025

Services Applications

  • HA cluster in FIPS mode, repeated manual failovers of redundancy groups can result in SPC3 or IOC4 or both the cards going offline. PR1797468

VPNs

  • VPN TPS performance is degraded in Junos OS release 24.2R2 on with dpdk-22.11. PR1801028

  • With primary node reboot and back to back failovers after, the VPN sequence number sync RTO packets between the primary node and secondary node stops for few mins after the secondary node moves to secondary state from secondary-hold state. If any failover occurs during this period, traffic loss occurs until the IPSEC sequence number on the newer primary node catches up the sequence number sent by the previous primary node.PR1842874