Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  Can not delete local group on SSG-550M

    Posted 09-25-2014 01:46

    Hi guys,

     

    I'm trying to delete a local group and I can not. The only option which is available for the group is "Edit".

     

    When trying to remove a user from the group it says "User Group <group_name> cannnot be modified".

     

    I used to be in use for a Dial-up VPN tunnel. The entire tunnel configuration has now been deleted but the user and the group for some reason can not be.

     

    When I search through the config file for <group_name> it's nowhere else except here:

     

    set user-group "group_name" id 1
    set user-group "group_name" user "user_name"

     

     

    Is there any way to fix it without firewall reboot?

     

     



  • 2.  RE: Can not delete local group on SSG-550M

    Posted 09-25-2014 10:07

    Sounds like it is stuck for some reason.  Only way to remove it is going to be to reset the firewall.  I have seen this on older versions of code.  What version are you running?



  • 3.  RE: Can not delete local group on SSG-550M

    Posted 09-26-2014 03:46

    I'm running 6.3.0r1.0



  • 4.  RE: Can not delete local group on SSG-550M
    Best Answer

    Posted 09-26-2014 09:45

    This is a known issue that is resolved in 6.3r2 and higher.  Recommended version is 6.3r17.

     

    https://www.juniper.net/techpubs/software/screenos/screenos6.3.0/rn-630r17.pdf, page 71

     

    448720—Unable to remove User Group that was previously bound to a VPN, even after that VPN has been removed.



  • 5.  RE: Can not delete local group on SSG-550M

    Posted 09-29-2014 02:33

    Thanks a lot for your help.