• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1375
  • Last Modified:

Juniper ex4200

Hi All,
I'm configuring some Juniper ex4200 48PoE+ switches and I can't see to get my configurations to stick.

Here's an example of the setup template that I'm using:
Equipment Refresh switch build process
1.      Record and add system serial numbers to inventory sheet
a.      switch serial
2.      Build system
a.      switch
b.      uplink module
c.      power supplies
d.      optics
3.      Power system both PSUs
4.      Level set software level
a.      root@ex-4200:RE:0% mount_msdosfs /dev/da1s1 /mnt
b.      cli
c.      request system software add /mnt/jinstall-ex-4200-11.4R5.5-domestic-signed.tgz
d.      request system reboot
e.      answer yes to reload

Mind you these configs take about 10-15 mins. each to load all of this info. so it's a heart-breaking when they don't stick at the end.  

I'm thinking that I need to enter the commit command somewhere in here prior to restarting?   If so, where where would the commit command go, perhaps after line c:
or before I perform d: request the system reboot?  

Thanks All,
R
0
rotarypwr
Asked:
rotarypwr
  • 3
  • 2
1 Solution
 
deimarkCommented:
The above only really installs the hardware and then installs to a version of junos.

What kind of config do you want to add?

Bear in mind that the factory default config on an EX4200 is to put all interfaces into access mode and enable ethernet-switching, for anything extra, like configure the mgmt port me0, you will need extra config.

What is it you are trying to achieve at the end of the prep?  Just software upgrade or software upgrade and IP ready?
0
 
rotarypwrAuthor Commented:
Thank you  deimark.  I see what you're saying.  These are brand new switches, so being a Cisco guy they just handed me the project and said figure it out.  Junos is totally different than IOS or even Nexus OS I've noticed.  HUGE difference... not sure if better or worse, not yet at least.  

So, I'm just loading up the new version of Junos with those steps previously mentioned.  Now I see.  I'm 100% a cisco guy and struggling with the commands.  So, after I load up the aforementioned, then I need to configure my switches? right?  At that point, I can just enter in my config file that I have separately?


 
From what I've read thus far I do the following, please pardon my learning curve.
1.>  I logon to the EX4200 as: root
2.> go into cli
3> copy my configure file like so, I changed the IP addresses so, you can ignore those if you want.  

copy and paste the following (i changed the RSA key stuff with all AAA), so please ignore that.

set system host-name KungFu
set system time-zone America/Los_Angeles
set system root-authentication encrypted-password "$1$3tlvls1z$PyrQPEIiAxMPQpxij1auz0"
set system name-server 10.10.10.10
set system name-server 10.10.10.20
set system login user brucelee uid 2000
set system login user brucelee class superuser
set system login user brucelee authentication encrypted-password "$1$S3E45Tyu$om7CdXtLEkBXdAfK3cSDS/"
set system services ftp
set system services ssh
set system services web-management https local-certificate mycert.pem
set system syslog user * any emergency
set system syslog host 10.10.11.10 any any
set system syslog host 10.10.11.10 source-address 10.10.12.10
set system syslog host 10.10.13.10 any any
set system syslog host 10.10.13.10 source-address 10.10.12.10
set system syslog host 10.10.14.10 any any
set system syslog host 10.10.14.10 source-address 10.10.12.10
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system ntp boot-server 10.10.15.10
set system ntp server 10.10.10.10    
set system ntp server 10.10.10.20
set chassis fpc 0 pic 1 sfpplus pic-mode 1g

set interfaces vlan unit 1 family inet address 10.10.12.10/24

set routing-options static route 0.0.0.0/0 next-hop 10.10.12.9

set protocols igmp-snooping vlan all
set protocols rstp
set protocols lldp interface all
set protocols lldp-med interface all
set security certificates local mycert.pem "-----BEGIN RSA PRIVATE KEY-----\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
=\n-----END CERTIFICATE-----\n"
set firewall family inet filter management-l3-access term 1 from source-address 10.10.0.0/16
set firewall family inet filter management-l3-access term 1 from source-address 10.20.0.0/16
set firewall family inet filter management-l3-access term 1 from source-address 10.10.17.0/17
set firewall family inet filter management-l3-access term 1 from destination-port ssh
set firewall family inet filter management-l3-access term 1 from destination-port https
set firewall family inet filter management-l3-access term 1 then accept
set firewall family inet filter management-l3-access term 2 from destination-port ssh
set firewall family inet filter management-l3-access term 2 from destination-port https
set firewall family inet filter management-l3-access term 2 then discard
set firewall family inet filter management-l3-access term 3 then accept
set ethernet-switching-options storm-control interface all
set vlans localnet vlan-id 1
set vlans localnet l3-interface vlan.1
set poe interface all

4.> type in the command:  commit

Thanks,
RP
0
 
deimarkCommented:
Do you get any errors when you commit?  Everything seems to be there to get it working.

When you commit on junos you should get errors if the config is hooky and it will normally tell you where the error is.
0
 
rotarypwrAuthor Commented:
No, but what you said earlier made me realize I was making a stupid mistake and I think now I have figured out the "correct" way to execute this process thanks to your guidance.  

I am sure I will have some more Junos re: questions later today or in the next few days, so keeps your eyes open deimark if you're interested in taking a look.  

Thanks for your feedback and guidance!,
R
0
 
deimarkCommented:
Glad I could help bud. ;)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now