Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

With multiple MIPs in a policy, a user can delete the MIP configuration in the policy and the "In-Use" message is not reported

0

0

Article ID: KB12404 KB Last Updated: 08 Jan 2009Version: 2.0
Summary:
ScreenOS allows users to delete a MIP configured in a policy with multiple MIPS and does not report the 'In-Use' message.


Symptoms:
When a MIP is configured in a policy, and the user accidently tries to delete it, ScreenOS will not let it be deleted.  It will report a message about it being "In-Use".

However, in the case where multiple MIPs are configured in a  policy, ScreenOS will allow the user to delete the MIP configuration even though they are being used in the policy. The firewall will allow the user to delete these MIPs without any warning.
Solution:
This is working as per design and is not a bug.

The behavior of the MIP address is the same as a regular address. That is to say, if you add many regular addresses into a policy, you are allowed to remove them one by one until the policy has one address left.

The same theory applies to a policy with multiple MIPs configured.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search