Memorise

Archive for the ‘SRX’ Category

Juniper Hardware LED check

{primary:node1}enroute@SRX> show chassis craft-interface node0: Front Panel System Indicator: Routing Engine 0 OK * Front Panel Alarm Indicator: RED *ORANGE . Front Panel HA Indicator: RED .ORANGE .GREEN * Front Panel PS Indicator: PS 0 RED .GREEN * node1: Front Panel System Indicator: Routing Engine 0 OK * Front Panel Alarm Indicator: RED .ORANGE . […]

JunOS: Cleanup Storage Space

Sometimes you will want to install a switch or router update, and you will find that there is not enough space: root@Switch01> request system software add /var/tmp/ex-2300-18.3R1.9.tgz reboot ERROR: estimate of space required: 115 Mbytes, available: 89 Mbytes One option is to request a ‘cleanup’. The dry-run option below lists the files that are candidates to be […]

Troubleshooting a Site to Site VPN on a SRX

1. Confirm Configuration First of all check the VPN configuration. This is also useful if and when you need to confirm the Phase 1 and Phase 2 parameter’s with the remote end. admin@srx> show configuration security ikeadmin@srx> show configuration security ipsec {loadposition content_lock} 2. Confirm Phase 1 To confirm the successful completion of Phase 1 […]

Juniper SRX – Configuring BT FTTP PPPoE

This configuration is set up on Juniper SRX 340 running JUNOS 20.2R1.10 Note: The username is the same for everyone btbusinesshub@business.btclick.com password is anything chap authentication method outside/untrust interface being ge-0/0/7.0 set interfaces ge-0/0/7 unit 0 encapsulation ppp-over-ether –Optional — set security zones security-zone Internet interfaces pp0.0 host-inbound-traffic system-services pingset security zones security-zone Internet interfaces […]

Juniper SRX certificate ‘aamw-srx-cert’: certificate does not exist

error: certificate ‘aamw-srx-cert’: certificate does not exist .error: trusted-ca ‘aamw-cloud-ca’ does not exist!error: trusted-ca ‘aamw-secintel-ca’ does not exist! Error: {primary:node0}[edit]root# commit and-quit[edit security pki]‘ca-profile aamw-secintel-ca’Missing mandatory statement: ‘ca-identity’[edit security pki]‘ca-profile aamw-cloud-ca’Missing mandatory statement: ‘ca-identity’error: commit failed: (missing mandatory statements) FIX: {primary:node0}[edit]root# delete security pki {primary:node0}[edit]root# commit and-quitwarning: You have changed enhanced services mode.You must reboot […]

Install Software via CLI (from Junos software copied to USB stick)

Follow these steps to install the software via the CLI from a USB stick: Download the Junos upgrade file to the USB stick.  Locate the USB device ID that Junos is associating to the USB stick:user@srx> start shell user@srx% ls /dev/ > /var/tmp/before_USB.txt Insert the USB device into the USB slot.  For example, slot 0 would return the following:root# umass0: […]

THIS DEVICE HAS BOOTED FROM THE BACKUP JUNOS IMAGE

login as: root Using keyboard-interactive authentication. Password: Last login: Fri Jun 29 09:58:18 2018 from 83.244.171.242 — JUNOS 15.1X49-D45 built 2016-04-25 07:29:58 UTC *********************************************************************** ** ** ** WARNING: THIS DEVICE HAS BOOTED FROM THE BACKUP JUNOS IMAGE ** ** ** ** It is possible that the primary copy of JUNOS failed to boot up ** […]

Debugging a Site to Site VPN on an Juniper SRX series

Within this article we will look at the various steps required in debugging a Site to Site VPN on an SRX series gateway. 1. CONFIRM CONFIGURATION First of all check the VPN configuration. This is also useful if and when you need to confirm the Phase 1 and Phase 2 parameter’s with the remote end. […]