ScreenOS Firewalls (NOT SRX)
Reply
Contributor
lvl1s7a
Posts: 25
Registered: ‎09-11-2008
0
Accepted Solution

Question about the limitation of group services/multi-cell policies creation

[ Edited ]

Hi There;

 

Please check : http://kb.juniper.net/KB6989

 

 

Device Type                          Max Service Groups/Multi-cell Policy (Combined Total)

NS5XP/NS5XT/NS5GT              32
NS25/NS50                             32
NS204/NS208                         64
NS500                                   128
NS5X00                                 256

 

 

it's said :

"If the max limit is reached, in the early releases of ScreenOS 5.0 an error similar to the following may be sent to the console screen:

  • Failed command - set group service "_p68svc_" hidden "

 Can somebody tell me what's the relationship with the Software version ? is it only Hardware related? or the error only appears in the early releases of v5.0 ?

Message Edited by lvl1s7a on 09-28-2008 03:46 AM
Best Regards

// lvl1s7a
Super Contributor
benjaminc
Posts: 181
Registered: ‎11-07-2007
0

Re: Question about the limitation of group services/multi-cell policies creation

Hi,

 

 The problem with the hidden groups was reported as a bug in the early versions of 5.0 so in later versions you should no longer see that error. This doesn't mean that the restrictions on the number of groups has been removed, this still applies (although the number of groups can change per software version).

 

Laters

 

Ben

Contributor
lvl1s7a
Posts: 25
Registered: ‎09-11-2008
0

Re: Question about the limitation of group services/multi-cell policies creation

Hi Ben;

 

Thanks for your reply;

 

I think that since the limit has been reached, the appearance of this message is a normal behavior not a bug, isn't it ?

 

another question, Do you think that an upgrade of an NS208 ,from v5.0.0r8 to a recent version (The recommanded one v5.4 for exemple) will somehow increase this number (64) ? 

 

Thanks again &

Best Regards

// lvl1s7a
Super Contributor
benjaminc
Posts: 181
Registered: ‎11-07-2007
0

Re: Question about the limitation of group services/multi-cell policies creation

Hi,

 

Could be both, the mention of the hidden group isn't supposed to be there AFAIK.

 

The number of groups hasn't been changed in later software versions for this platform. If you are able I would look into the new software, 5.4 is certainly the recommended version for your platform and there are a large number of improvements in other areas.

 

Thanks

 

Ben

 

 

Contributor
lvl1s7a
Posts: 25
Registered: ‎09-11-2008
0

Re: Question about the limitation of group services/multi-cell policies creation

[ Edited ]

Hi Ben;

 

Thanks a lot for the reply !

Message Edited by lvl1s7a on 09-30-2008 10:27 AM
Best Regards

// lvl1s7a
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.