Screen OS

Juniper Networks SSG-140 Boot Loader Version 3.2.4 (Checksum: 9D76F0F2)
Copyright (c) 1997-2006 Juniper Networks, Inc.
    Total physical memory: 256MB
    Test -  Pass
    Initialization - Done


Hit any key to run loader
Hit any key to run loader
Hit any key to run loader
Hit any key to run loader

Loading system image "$BABOOT$.BIN" from on-board flash disk...
Done! (size = 12,058,624 bytes)
cksum = bccb0096, p_hdr->cksum = c5ade254
### image corrupted ###

Loading default system image from on-board flash disk...
Done! (size = 12,058,624 bytes)
cksum = 91278b4a, p_hdr->cksum = c5ade254

any help how we can solve this issue and put in operation this firewall?

many thanks

Did you perform upgrade on this device? or wiped the configuration and want to place in production? could you please provide more information?

Also did you try to pinhole reset if want it to be factory default? 

Hello,

What i did was a switch off and  switch on with button in back of device. i did resstart becouse i was not able to access with https://.. . device woas working, traffic passing through.

i dit not try with pinhole reset, i am afraid to lose configuration.

thanks

Could you please paste complete console logs?

Juniper Networks SSG-140 Boot Loader Version 3.2.4 (Checksum: 9D76F0F2) Copyright (c) 1997-2006 Juniper Networks, Inc. Total physical memory: 256MB Test - Pass Initialization - Done Hit any key to run loader Hit any key to run loader Hit any key to run loader Hit any key to run loader Loading system image "$BABOOT$.BIN" from on-board flash disk... Done! (size = 12,058,624 bytes) cksum = bccb0096, p_hdr->cksum = c5ade254 ### image corrupted ### Loading default system image from on-board flash disk... Done! (size = 12,058,624 bytes) cksum = 91278b4a, p_hdr->cksum = c5ade254 ### image corrupted ### Serial Number [0185082012000863]: READ ONLY HW Version Number [1010]: READ ONLY Self MAC Address [b0a8-6eb3-d700]: READ ONLY Boot File Name [ssg140.6.2.0r5.0]: Self IP Address [10.10.10.12]: TFTP IP Address [10.10.10.254]: Juniper Networks SSG-140 Boot Loader Version 3.2.4 (Checksum: 9D76F0F2) Copyright (c) 1997-2006 Juniper Networks, Inc. Total physical memory: 256MB Test - Pass Initialization - Done Hit any key to run loader Hit any key to run loader Hit any key to run loader Serial Number [0185082012000863]: READ ONLY HW Version Number [1010]: READ ONLY Self MAC Address [b0a8-6eb3-d700]: READ ONLY Boot File Name [ssg140.6.2.0r5.0]: \ Self IP Address [10.10.10.12]: TFTP IP Address [10.10.10.254]: Save loader config (56 bytes)... Done ### ARP time out on candidate port 0 after 2 seconds ### ### ARP time out on candidate port 0 after 4 seconds ### ### ARP time out on candidate port 0 after 8 seconds ### ### ARP time out on candidate port 0 after 16 seconds ### ### ARP time out on candidate port 0 after 32 seconds ### ### ARP time out on candidate port 2 after 2 seconds ### ### ARP time out on candidate port 2 after 4 seconds ### ### ARP time out on candidate port 2 after 8 seconds ### ### ARP time out on candidate port 2 after 16 seconds ### ### ARP time out on candidate port 2 after 32 seconds ### ### ARP time out on candidate port 4 after 2 seconds ### ### ARP time out on candidate port 4 after 4 seconds ### ### ARP time out on candidate port 4 after 8 seconds ### ### ARP time out on candidate port 4 after 16 seconds ### ### ARP time out on candidate port 4 after 32 seconds ### ### ARP time out, cannot find TFTP server ### Please make sure the network is properly configured and not heavy loaded!!! Juniper Networks SSG-140 Boot Loader Version 3.2.4 (Checksum: 9D76F0F2) Copyright (c) 1997-2006 Juniper Networks, Inc. Total physical memory: 256MB Test - Pass Initialization - Done

I can see from the logs that the image has been crrupted (Loading default system image from on-board flash disk... Done!(size = 12,058,624 bytes) cksum = 91278b4a, phdr->cksum = c5ade254 ### image corrupted ###) and you have to load the fresh OS.

This is what exactly happened with you:

http://kb.juniper.net/InfoCenter/index?page=content&id=KB12680&actp=search&viewlocale=en_US&searchid=1234166177888

https://kb.juniper.net/InfoCenter/index?page=content&id=TSB14634

You can download the OS from here

https://www.juniper.net/support/downloads/?p=ssg140

This is how you can access your device via console port

http://kb.juniper.net/InfoCenter/index?page=content&id=KB4066

http://kb.juniper.net/InfoCenter/index?page=content&id=KB5519

You Upload a configuration via the CLI

http://kb.juniper.net/InfoCenter/index?page=content&id=KB4196&smlogin=true

thank you Malik,

i followed your instruction step by step.

attached i am sending output from console.

my perception is that new OS file is not loaded in firewall, becouse on restart it requared to run firewall from old image (size of image is same on all time even i try to upload diferent i ( mages size = 12,058,624 bytes)

please have a look on attached file and please let me kno what can i do?

regards

Attachment(s)

New Text Document.txt   1 KB 1 version

Did you signed the new ScreenOS firmware filename with the new image key?

Please check the attched document

Also, Can refer to the KB.

http://kb.juniper.net/InfoCenter/index?page=content&id=KB8729

(BTW which tftp server you are using to transfer the file? ensure file transferred correctly) 

Attachment(s)

image_key_readme.pdf   85 KB 1 version

hello.

no i did not signed becouse i am not able to access firewalle on user mode ssg>

firewall keep booting with image currupted mode.

can be done signing out of firewall and them put signed image on firewall?

Juniper Networks SSG-140 Boot Loader Version 3.2.4 (Checksum: 9D76F0F2)
Copyright (c) 1997-2006 Juniper Networks, Inc.
    Total physical memory: 256MB
    Test -  Pass
    Initialization - Done


Hit any key to run loader
Hit any key to run loader

Serial Number [0185082012000863]: READ ONLY
HW Version Number [1010]: READ ONLY
Self MAC Address [b0a8-6eb3-d700]: READ ONLY
Boot File Name [ssg140.6.2.0r16.0]: ssg140.6.2.0r16.0
Self IP Address [10.10.10.253]:
TFTP IP Address [10.10.10.254]:
The configured TFTP server is connected to port 0


Loading file "ssg140.6.2.0r16.0"...
r
Receiving data block ...
#23440

Loaded Successfully! (size = 12,004,858 bytes)

********Invalid DSA signature

********Bogus image - not authenticated

Juniper Networks SSG-140 Boot Loader Version 3.2.4 (Checksum: 9D76F0F2)
Copyright (c) 1997-2006 Juniper Networks, Inc.
    Total physical memory: 256MB
    Test -  Pass
    Initialization - Done


Hit any key to run loader
Hit any key to run loader
Hit any key to run loader
Hit any key to run loader

Loading system image "$BABOOT$.BIN" from on-board flash disk...
Done! (size = 12,058,624 bytes)
cksum = bccb0096, p_hdr->cksum = c5ade254
### image corrupted ###

Hello,

I would advise to contact JTAC  and open a TAC case  to get  a OS version which uses older keys . Once we are able to load the older version, we should be able to recover the device and then follow tthe KB to update new keys and newer OS version.

Regards

Vatsa