SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  HELP! Return SRX210 to "out of the box"

    Posted 07-27-2013 22:50
    I've made a classic mistake. I'm new the SRX line, having only experience with the Netscreen line. So when I got this SRX210 as a castoff, the first thing I did was upgrade the firmware to 11.4r7.5 from 10something and I didnt record the config. I assumed, having seen it work just fine with my 5GT's, that the config would be preserved and I was very wrong. So my SRX now has pretty much nothing in its Config and I want very very much to get back to the config that had the built in DHCP server on the trust ports and DHCP client on the untrust interface so I can get back into it in a fashion that doesn't include the console. I know how to move around in the CLI, albeit not skilled enough to build a config there, and have tried many times to configure it that way, at least enough to get me into the GUI where I'm more comfortable, but no avail. Load factory-default just gives the very stripped useless version of the config. Can anyone post a "default config" for me so that it will give out an IP, run the wizard and allow me to get back to learning how to configure JunOS? Thanks in advance to anyone! I'm so frustrated. 🙂


  • 2.  RE: HELP! Return SRX210 to "out of the box"

    Posted 07-27-2013 23:33
    1. Firstly upgrading should keep your config.
    2. Secondly JunOS 11.4 has DHCP server on Trust ports etc, sounds like another issue maybe?
    3. This should wipe everything: http://kb.juniper.net/InfoCenter/index?page=content&id=KB23787


  • 3.  RE: HELP! Return SRX210 to "out of the box"

    Posted 07-28-2013 00:37

    I tried that and no help unfortunately. Here is what get after a boot and the resulting config. I have no idea if that Module Init thing is an issue. The config is just totally useless and I note that I dont see the physical interfaces as I would expect to when I do a show interfaces terse. Not very familiar with what I SHOULD see, but this doesnt seem to be right. 

     

    It was working with the 10xr1.8 (I think it was that) version prior to me deciding to upgrade the firmware. Do you think I could have a firmware that doesn't work on my SRX210H-P-MGW?

     

    root@%

    Message from syslogd@ at Jul 28 00:17:23  ...

      SCHED: Thread 4 (Module Init) ran for 1496 ms without yielding

     

    Message from syslogd@ at Jul 28 00:17:23  ...

      Scheduler Oinker

     

    Message from syslogd@ at Jul 28 00:17:23  ...

      Frame 00: sp = 0x489de610, pc = 0x080294f4

     

    Message from syslogd@ at Jul 28 00:17:23  ...

      Frame 01: sp = 0x489de6b8, pc = 0x08013a08

     

    Message from syslogd@ at Jul 28 00:17:23  ...

      Frame 02: sp = 0x489de728, pc = 0x080151dc

     

    Message from syslogd@ at Jul 28 00:17:23  ...

      Frame 03: sp = 0x489de748, pc = 0x080103c0

     

    Message from syslogd@ at Jul 28 00:17:23  ...

      Frame 04: sp = 0x489de778, pc = 0x08028d4c

     

    Message from syslogd@ at Jul 28 00:17:23  ...

      Frame 05: sp = 0x489de7a0, pc = 0x00012060

     

    root@% cli

    root> show configuration

    ## Last commit: 2013-07-28 00:15:44 UTC by root

    version 11.4R7.5;

    system {

        syslog {

            user * {

                any emergency;

            }

            file messages {

                any critical;

                authorization info;

            }

            file interactive-commands {

                interactive-commands error;

            }

        }

        max-configurations-on-flash 5;

        max-configuration-rollbacks 5;

        license {

            autoupdate {

                url https://ae1.juniper.net/junos/key_retrieval;

            }

        }

        ## Warning: missing mandatory statement(s): 'root-authentication'

    }

     

    root> show interfaces terse

    Interface               Admin Link Proto    Local                 Remote

    fxp2                    up    up

    fxp2.0                  up    up   tnp      0x1

    gre                     up    up

    ipip                    up    up

    irb                     up    up

    lo0                     up    up

    lo0.16384               up    up   inet     127.0.0.1           --> 0/0

    lo0.16385               up    up   inet     10.0.0.1            --> 0/0

                                                10.0.0.16           --> 0/0

                                                128.0.0.1           --> 0/0

                                                128.0.0.4           --> 0/0

                                                128.0.1.16          --> 0/0

    lo0.32768               up    up

    lsi                     up    up

    mtun                    up    up

    pimd                    up    up

    pime                    up    up

    pp0                     up    up

    ppd0                    up    up

    ppe0                    up    up

    st0                     up    up

    tap                     up    up

    vlan                    up    down



  • 4.  RE: HELP! Return SRX210 to "out of the box"

    Posted 07-28-2013 02:51
    you should set the root password to commit...

    # set system root-authentication plain-password-text
    (enter password twice)
    #commit

    You are done


  • 5.  RE: HELP! Return SRX210 to "out of the box"
    Best Answer

    Posted 07-28-2013 04:02

    Ah yes the issue is the SRX210H-P-MGW device. It was never meant to be released, I'm not sure where you got it from. If you purchased it from ebay then there isn't much you can do. You need to get a legit device or return this one to Juniper.

     

    More info: http://kb.juniper.net/InfoCenter/index?page=content&id=TSB15488

    The Integrated Convergence Services (ICS) solution consisting of the Branch SRX Media Gateway products SRX210H-P-MGW, SRX220H-P-MGW SRX240H-P-MGW, SRX-MP-VA04, SRX-MP-VA04, SRX-MP-VA22 is being discontinued immediately, and removed as a supported product. These products were in early access, but not launched. Juniper Networks will be contacting customers with these products in order to replace them with similar SRX products that do not contain the ICS and Media Gateway functionality. This will be handled as an "Exchange RMA." Customers are asked to call in and identify their call is in reference to the "SRX Media Gateway Exchange Program".

    Once the exchange RMA is taken, the replacement device(s) will be shipped to the customer. The replacement hardware will be registered and the remaining term of the support contract will be transferred to the new hardware. Shipping labels will be sent to the customer with the replacement device, one for each device in the exchange to be returned to Juniper. The customer will use the box received from the replacement device to return the SRX-MGW device(s).

     



  • 6.  RE: HELP! Return SRX210 to "out of the box"

    Posted 07-28-2013 09:06

    Well, that explains a whole lot then. Firmware probably borked it since its no longer a support product. While I am pleased to finally figure out its not me (I have spent WAY too many hours dinking with this thing), its a bummer that its now a door stop.

     

    Thanks very much for the insight, at least my battle is done. Hehe.