All platforms, yes. We discovered this on an EX.
Just complain to your Juniper representative, I guess.
Original Message:
Sent: 09-21-2024 23:43
From: Kalle
Subject: Juniper vSRX HA OS upgrades from 21R to new stable version (vSRX is on IBM Cloud Portal)
Hi,
Any know config knob to disable message authenticator check on the DUT ?
I found following "set system radius-server <server-ip> secret <secret> no-message-authenticator", but seems not to work for vSRX.
I suppose this radius change will affect all platforms?
------------------------------
Kalle Andersson
Original Message:
Sent: 09-21-2024 10:07
From: Olivier Benghozi
Subject: Juniper vSRX HA OS upgrades from 21R to new stable version (vSRX is on IBM Cloud Portal)
Yes, well, in 23.4R2-S2, prepare to lose your radius authentication services: some devs at Juniper decided to mess everything up and throw the RFC out of the window...
https://supportportal.juniper.net/s/article/RADIUS-authentication-not-working-on-23-4R2-S2
------------------------------
Olivier Benghozi
Original Message:
Sent: 09-19-2024 18:43
From: Jeremias Carballo
Subject: Juniper vSRX HA OS upgrades from 21R to new stable version (vSRX is on IBM Cloud Portal)
Hi there,
Hope you are doing great!
For the first 3 questions, this document will work for you as it has the answers about considerations, upgrade methods, and configuration considerations: Upgrading the vSRX Virtual Firewall in IBM Cloud.
Regarding the last question, currently the Juniper suggested release for vSRX 3.0 is Junos 23.4R2-S2, as it is the most stable release and it supports all those features: Junos Software Versions - Suggested Releases to Consider and Evaluate.
Kind regards,
JC.
------------------------------
Jeremias Carballo
Original Message:
Sent: 09-19-2024 01:15
From: Anonymous
Subject: Juniper vSRX HA OS upgrades from 21R to new stable version (vSRX is on IBM Cloud Portal)
This message was posted by a user wishing to remain anonymous
Hi Juniper Team,
I would like to upgrade the Juniper vSRX HA from 21R to a newer stable version (the vSRX is on IBM Cloud Portal). Could you please help me by answering the following questions?
- What considerations should be taken for juniper/ibm account before performing the upgrade?
- What are the possible methods for upgrading the OS (patch) of vSRX?
- Will the current configuration of Juniper be preserved during the upgrade, or is there any risk of it being destroyed, removed, or lost?
- Which new version is stable and fully compatible with all current Juniper configurations (e.g., VPN, SSL VPN, NAT [SNAT, DNAT], IPS/IDS, Routing Protocols, etc.)?
Please attach any relevant documents and configurations with your answers. Your assistance is greatly appreciated.