beautypg.com

Known issues, 1 limitations of features in screenos 5.0.0 – Juniper Networks NETSCREEN 208 User Manual

Page 29

background image

Juniper Networks

NetScreen Release Notes

ScreenOS 5.0.0r9-FIPS

P/N 093-1638-000, Rev. A

Page 29 of 42

• 01958 – An internal mishandling of the MAC cache could cause a security

appliance to crash.

• 01944 – The group addresses for V1-untrust zone were getting lost after

upgrading a device from a previous release. The group address for v1-untrust
was incorrectly set to a maximum of 8 groups while it should have been 32.

• 01812 – Using un-initialized memory space when creating an outgoing

packet caused the device to fail.

5. Known Issues

This section describes known issues with the current release.

Section 5.1 “Limitations of Features in ScreenOS 5.0.0”

identifies features

that are not fully functional at the present time, and will be unsupported for
this release. Juniper recommends that you do not use these features.

Section 5.2 “Compatibility Issues in ScreenOS 5.0.0 on page 30”

describes

known compatibility issues with other products, including but not limited to
specific Juniper NetScreen appliances, other versions of ScreenOS, Internet
browsers, Juniper management software and other vendor devices.
Whenever possible, information is provided for ways to avoid the issue,
minimize its impact, or in some manner work around it.

Section 5.3 “Known Issues in ScreenOS 5.0.0 on page 32”

describes

deviations from intended product behavior as identified by Juniper
Networks Test Technologies through their verification procedures. Again,
whenever possible, information is provided to assist the customer in avoiding
or otherwise working around the issue.

5.1 Limitations of Features in ScreenOS 5.0.0

The following limitations are present in ScreenOS 5.0.0.

• No Support for Packet Attribute Features – The Juniper NetScreen-

5000 Series systems do not support the aggressive aging, maximum
fragment size, path MTU (Maximum Transmission Unit), and Interface
MTU features.

• Vsys for Group IKE ID – Group IKE ID users cannot be used in a vsys if

that vsys uses a shared untrust interface.

W/A: Use a private Untrust interface (tagged VLAN subinterface or
dedicated physical interface) for the vsys.

This manual is related to the following products:
See also other documents in the category Juniper Networks Hardware: