Table of Contents
Advertisement
Table 5: Known Issues (continued)
PR
Description
538247
When you configure a custom compound attack object, you can optionally set within packets constraints. If you
set a packet constraint for one member, the program logic counts packets beginning implicitly with the
start-of-stream. Request is to include a UI option to specify the starting point.
539399
In ACM, you have the option to use a Radius server as an authentication source for access to ACM. However,
the username format allowed by the ACM configuration page does not support all formats deemed valid by
RFC 2486. In IDP OS Release 5.1, you can specify a usernames that include periods (such as john.doe), but not
special characters such as @ or + that are conventions in the username formats used by some enterprises (such
as john.doe@company.com).
552167
HA deployment has an IDP system requirement that a virtual router named vr0 contain eth1 (the HA state sync
interface). If you upgrade an IDP OS 4.1r4 device that has HA enabled, eth1 is added to vr0 automatically.
Otherwise, you must check the ACM Configure Virtual Routers page to ensure this HA system requirement is
met. This requirement only applies if the device belongs to an HA deployment.
Monitoring / Console
288824
Under high traffic conditions, the following exception messages are displayed in the console:
ata1.00: exception Emask 0x2 SAct 0xfe SErr 0x400000 action 0x2 frozen ata1.00: (spurious
completions during NCQ issue=0x0 SAct=0xfe FIS=005040a1:00000001) ata1.00: cmd
61/30:08:8d:6e:16/00:00:00:00:00/40 tag 1 cdb 0x0 data 24576 out res
50/00:38:a5:70:16/00:00:00:00:00/40 Emask 0x2 (HSM violation)
You can safely ignore these messages.
428341
During upgrade with NSM, the NSM Job Information window displays status information that is not consistent
with the operations occurring on the IDP Series device.
438582
The NSM software version inventory fails to identify a patch version number when you add the IDP Series device
or import a IDP Series device configuration. To work around this issue, you can use the NSM Device Manager to
run an Adjust OS operation or use the IDP CLI to run idp.sh restart. However, the problem will recur following
add device or import configuration procedures.
416086
The NSM Process Status lists dLogPurger status, which is not a active process in IDP Series devices.
573995
On IDP8200, the
Logging / Packet Capture
227241,
Profiler is unable to capture the OS fingerprint for some destination servers. Reports show "Unknown OS".
416708
287179
After system unavailability, the IDP Series device does not send a log that the device has returned to normal
operations.
407900
In NSM log viewer, the strings for log severities for IDP Series devices are inconsistent with other network devices.
For IDP Series devices, strings for severity include
Critical
and
Warning
415164
In NSM, packet data cannot be displayed correct for certain malformed IP packets.
Copyright © 2011, Juniper Networks, Inc.
scio idp-cpu-utilization
utility shows an incorrect CPU utilization for idpengine_0.
that appear for other network devices.
and
Device_critical_log
Device_warning_log
Known Issues
instead of the strings
17
Advertisement
Table of Contents
