08-28-2012 05:37 AM
i upgraded an SRX210 from 10.1 to 11.4R4.4 last night, and now it is not handing out the DNS server ip to dynamic-vpn clients anymore.
i use pulse, and i only get this for dns servers:
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
The Configuration of the SRX has not been changed, neither has the Exchange Server that manages Radius for Authentication.
Do i have to change the config for 11.4 to work? i read the release notes but i didnt find any clue.
thx in advance,
Solved! Go to Solution.
08-28-2012 06:44 AM
It sounds like a bug to me, is there any specific reason you want to go to 11.4 rather than the recommended release of JUNOS 10.4R10.7?
If you want to go to 11.1 R4.4 I know this works without issue. I have it on a box running dynamic vpns successfully.
08-28-2012 08:46 AM
actually (thanks to Tim Eberhard, whom i love very much right now), i found out what went wrong.
apparently somewhere between 10.1 and 11.4 Juniper changed the radius "vendor-specific" Vendor code for DNS ( from 4874 to 2636 ).
You will find the new code in KB22482
The KB is from January 2012, so apparently it has been changed somehow recently.
Maybe this helps someone who runs into this, too.