Is anyone using 6.0r2 or 6.0r3? If, so how stable are they?
I'm using 6000's clustered; 4000's separate cluster; servicing internal and external clients; Using RSA 2-Factor Authentication; servicing Core Rewrite for OWA, Lotus Notes DB's, iManage (Worksite), Citrix, and other general web apps; Terminal Services; and Network Connect.
My concern is that in the past upgrades have fixed one thing and broken others. With so much going on and servicing so many users it makes upgrading a major task unlike a ScreenOS upgrade.
So, the question is what is the most stable version out? Nov/Dec I was looking into upgrading to 5.5 because I was told by JTAC that is was very strong and stable. Does anyone feel the same way about any of the 6.0 codes yet?
For what it is worth I am running 6.0R3.1 Previously I was on 5.5R4 which I found to be pretty stable. Whenever I first upgraded to one of the first 6.0 releases it was pretty bad; however, I've found that 6.0R3.1 fixed most of my issues.
I had an issue previously with the SSO into OWA and that was fixed, sharepoint 2007 was supported, and the Outlook Meeting plugin is working in 6.0R3.1. All of which were things I had issues with in the previous releases.
Same here, before switching to 6.0x we ran with our SA6000s on 5.5R4.
If you change to 6.0x I would suggest 6.0R3.1 or 4-, both worked fine here.
6.0R3 had an ugly bug that rolemapping base on AD Groups were not working.
4000-FIPS WAN clustered. We have be dealing with bugs through all the 6.X releases. We are currently running 6.0r4.2 (build 12875). It appears to be pretty stable (but probably not as stable as a 5.5 release).
We have 1 major outstanding bug with the 6.X release. Some of our applications require the use of ESP mode, but the 6.X is not capable of keeping a long ESP connection when multiple remote users are NAT'd to the same IP (very common). When falling back to SSL mode (which is almost guaranteed), connections to the devices on the internal network drop. A workaround is to forces all users to initially negotiate an SSL mode connection. This is not an issue with 5.5. We have a JTAC open and have provided Juniper access to our lab environment. After troubleshooting, they have determined it's a bug within the 6.X kernel. They are actively working it, but to date, we have not had a fix.
I made post regarding Network Disconnect of 6.0 here http://forums.juniper.net/jnet/board/message?board.id=SSL_VPN&message.id=412&jump=true#M412 . I would recomend 6.0r4 or later because of bugs in LDAP auth server code.
I would insist on
All previous versions have MTU fragmentation issues. R4-2 seems solid.