Juniper Networks 500 - Manual

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 5 of 42 3. Changes to Default Behavior There are numerous changes in default behavior. For detailed information on changes to default behavior in ScreenOS 5.0.0, refer to the Juniper Networks NetScreen Scree...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 7 of 42 • 03358 – A very long URL entry when you attempt to perform URL filtering sometimes caused the device to fail. • 03356 – The Phase 2 rekey sometimes failed after the Phase 1 expired when you used Kby...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 9 of 42 • 03132 – When using Juniper NetScreen-Remote to connect to a Juniper NetScreen-500 dial-up VPN using the WebUI, the IKE Gateway Configuration displays as user instead of user-group . • 03128 – Mista...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 13 of 42 • 01998 – You could not save the set console aux disable command into the device configuration. • 01739 – Ping operations would not work if fast aging out of MAC addresses did not occur when a PC mi...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 15 of 42 • 02926 – The number of syslog messages sent per second from the Juniper Networks security appliance were being limited by an internal process. • 02924 – SMTP (Simple Mail Transfer Protocol) queued ...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 17 of 42 • 02709 – When you set a manual VPN authentication setting to NULL on a Juniper Networks security appliance, the device failed because a Null length is invalid. • 02707 – When performing an anti-vir...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 18 of 42 • 02655 – The event log timestamp changed to Daylight Savings Time (DST) even though DST was not enabled. • 02642 – After configuring SCREEN setting thresholds on a device using the WebUI or CLI, th...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 19 of 42 • 02551 – An NSRP backup device indicated that a failover occurred continuously when no failure on the primary device occurred. • 02543 – A device rebooted because of an improperly processed checksu...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 20 of 42 • 02333 – When a device attempted to block files with a .exe extension, it incorrectly blocked files with .zip extensions. • 02326 – A device incorrectly created sessions if the IP address had a uni...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 21 of 42 4.3 Addressed Issues from ScreenOS 5.0.0r7 Manufacturing-only release. 4.4 Addressed Issues from ScreenOS 5.0.0r6 • 38268 – A Juniper Networks security appliance running a BGP peer virtual routing i...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 22 of 42 • 02384 – The device failed if you connected an Ethernet cable to the untrust interface in the v1-untrust zone while the device was in transparent mode. • 02383 – Under some circumstances, the OSPF ...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 23 of 42 • 02272 – HTTP and HTTPS packets passed through VPN tunnels more slowly than expected, sometimes to the point of timing out and causing the device to continually retransmit the packets. • 02250 – Th...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 24 of 42 • 37069 – The configuration wizard option in the WebUI that enables you to skip the wizard screens was not present on the initial wizard screen. This option enables you to go directly to the WebUI l...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 26 of 42 discrepancy, you had to read the text description of the trap type to identify it. Now you can refer to the trap type value to identify it. For example, the traditional SNMP trap type value for a Co...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 27 of 42 • 01985 – You could not schedule a policy using the WebUI. • 01970 – Under certain circumstances, the Juniper Networks security appliance did not send email alerts. • 01943 – When the DHCP payload (...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 29 of 42 • 01958 – An internal mishandling of the MAC cache could cause a security appliance to crash. • 01944 – The group addresses for V1-untrust zone were getting lost after upgrading a device from a prev...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 30 of 42 • SSH Version 1 Interoperability – The embedded SSH server in ScreenOS 5.0.0 has issues with the client from SSH Communications Security when operating in SSH version 1 mode. W/A: Use SSH version 2 ...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 31 of 42 – Freeswan - The Freeswan 1.3 VPN client is incompatible with ScreenOS 5.0.0 in certain configurations due to IKE features that Freeswan does not fully support. The result is that Phase 2 negotiatio...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 32 of 42 Juniper NetScreen-5000 series only: Before you upgrade a Juniper Networks security appliance to ScreenOS 5.0.0, we recommend that you verify the amount of memory on the device using the get system C...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 34 of 42 W/A: Execute the save command first, before executing the save config from flash to slot1 command. 5.3.3 Known Issues from ScreenOS 5.0.0r7 None. 5.3.4 Known Issues from ScreenOS 5.0.0r6 None. 5.3.5...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 35 of 42 5.3.7 Known Issues from ScreenOS 5.0.0r3 for the 5000-M2 • 38001 – When you run the get session command, ScreenOS sometimes displays the policy ID number incorrectly as a negative number. • 37993 – ...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 36 of 42 • 36807, 36876 – When a 100Mbps link between a Juniper NetScreen-5000 Series system and another device reverts to a 10Mbps throughput level on the other device, the Juniper NetScreen-5000 Series sys...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 37 of 42 exceeds the maximum number of routes permitted on a single page, all subsequent pages display the routes from the first page. • 35417 - If you set the guaranteed or maximum bandwidth (GBW or MBW) hi...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 38 of 42 displays only when you issue a ‘get event' CLI command, and not when you issue a 'get log event' CLI command. • 33916 - A Juniper Networks security appliance supports a maximum of 256 OSPF interface...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 39 of 42 number to the same port number as the original destination port. This does not affect traffic. • 30844 - When AV is enabled, you cannot download files to the Juniper Networks security appliance thro...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 40 of 42 • 28138 - The Websense server provides erroneous protocol version information, which the Juniper Networks security appliance displays. • 28016 - Juniper Networks security appliances do not support a...

Juniper Networks NetScreen Release Notes ScreenOS 5.0.0r9-FIPS P/N 093-1638-000, Rev. A Page 41 of 42 6. Getting Help For further assistance with Juniper Networks products, visit www.juniper.net/support Juniper Networks occasionally provides maintenance releases (updates and upgrades) for ScreenOS f...