beautypg.com

Juniper Networks NETSCREEN 208 User Manual

Page 38

background image

Juniper Networks

NetScreen Release Notes

ScreenOS 5.0.0r9-FIPS

P/N 093-1638-000, Rev. A

Page 38 of 42

displays only when you issue a ‘get event' CLI command, and not when you
issue a 'get log event' CLI command.

• 33916 - A Juniper Networks security appliance supports a maximum of 256

OSPF interfaces.

• 33598 - For inter-vsys traffic, if both vsys define a policy with user

authentication, the Juniper Networks security appliance does not prompt
the user for authentication for each policy, but only once when it matches the
first policy.

• 33544 - Normally upon startup, a Juniper Networks security appliance with

the URL filtering feature enabled, tries to connect to a Websense server.
Currently this attempt to connect to a Websense server fails and the Juniper
Networks security appliance logs the event.

• 33027 - Juniper Networks security appliances do not support policy-based

dialup VPN and MIP if the MIP is configured on the tunnel interface which
belongs to a tunnel zone.

W/A: For dialup user VPNs only: use routing-based VPN and configure the
MIP on a tunnel interface bound to a security zone.

• 32983 - You can select multiple services in a policy, but later on, if you want

to modify the services to ANY, the Juniper Networks security appliance does
not let you. Instead, you get a message prompting you to use the multiple
service selection dialog box, which does not contain ANY, to modify the
services.

W/A: In the multiple service selection dialog box, remove all but one service
from the previous selection, and then click OK. Next, select “ANY” from the
Service drop-down list.

• 32159 - Juniper Networks security appliances do not support a second level

of certificate verification if the end entity certificate and OCSP responder
certificate are issued by the same CA.

• 32077 - (Juniper NetScreen-5GT only) When you enable or disable HTTP

Webmail functionality, log entries are not generated in the event log (i.e. 'set/
unset av http webmail enable'; 'set/unset av http webmail url-pattern-name
').

• 32072 - (Juniper NetScreen-5GT only) When you disable AV functionality for

HTTP, SMTP, and POP3, log entries are not generated in the event log (i.e.
'unset av scan-mgr content http'; 'unset av scan-mgr content smtp'; 'unset av
scan-mgr content pop3').

• 31364 - When performing source port translation for passive FTP data

channel, the Juniper Networks security appliance translates the source port

This manual is related to the following products:
See also other documents in the category Juniper Networks Hardware: