Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX] Unable to change the value for pre-defined application on Junos 15.1X49.

0

0

Article ID: KB31225 KB Last Updated: 10 Nov 2016Version: 1.0
Summary:

This article explains why the value for pre-defined application on 15.1X49 series cannot be changed.

Symptoms:

In Junos 15.1X49, an error message is shown after attempting to change or edit any value of a pre-defined application; "junos-*".

Example 1

Edit a term of junos-sip.

root@SRX# edit applications application junos-sip term t1
error: cannot use reserved identifier:
junos-sip

Example 2

Set a new inactivity-timeout of junos-ftp.

root@SRX# set applications application junos-ftp inactivity-timeout 9000
error: cannot use reserved identifier: junos-ftp
Cause:

The error message is the expected behavior from Junos 13.3 and higher. It appeared beginning on SRX from Junos 15.1X49. Editing a pre-defined application is NOT allowed.

Solution:

Take the following steps to create a new custom application.

  1. Find the content of a pre-defined application.

  2. root@SRX# show groups junos-defaults applications application junos-sip
    term t1 alg sip protocol udp destination-port 5060;
    term t2 alg sip protocol tcp destination-port 5060;

  3. Create a new one following the content of the original pre-defined application.

    root@SRX# set applications application My-SIP term t1 alg sip protocol udp destination-port 5060 inactivity-timeout 3600
    root@SRX# set applications application My-SIP term t2 alg sip protocol tcp destination-port 5060 inactivity-timeout 3600
  4. Verify the newly configured application

    root@SRX# show applications application My-SIP
    term t1 alg sip protocol udp destination-port 5060 inactivity-timeout 3600;
    term t2 alg sip protocol tcp destination-port 5060 inactivity-timeout 3600;
  5. Commit

    root@SRX# commit

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search