Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Juniper ex4200

Posted on 2012-12-21
5
1,279 Views
Last Modified: 2012-12-22
Hi All,
I'm configuring some Juniper ex4200 48PoE+ switches and I can't see to get my configurations to stick.

Here's an example of the setup template that I'm using:
Equipment Refresh switch build process
1.      Record and add system serial numbers to inventory sheet
a.      switch serial
2.      Build system
a.      switch
b.      uplink module
c.      power supplies
d.      optics
3.      Power system both PSUs
4.      Level set software level
a.      root@ex-4200:RE:0% mount_msdosfs /dev/da1s1 /mnt
b.      cli
c.      request system software add /mnt/jinstall-ex-4200-11.4R5.5-domestic-signed.tgz
d.      request system reboot
e.      answer yes to reload

Mind you these configs take about 10-15 mins. each to load all of this info. so it's a heart-breaking when they don't stick at the end.  

I'm thinking that I need to enter the commit command somewhere in here prior to restarting?   If so, where where would the commit command go, perhaps after line c:
or before I perform d: request the system reboot?  

Thanks All,
R
0
Comment
Question by:rotarypwr
  • 3
  • 2
5 Comments
 
LVL 18

Expert Comment

by:deimark
ID: 38715492
The above only really installs the hardware and then installs to a version of junos.

What kind of config do you want to add?

Bear in mind that the factory default config on an EX4200 is to put all interfaces into access mode and enable ethernet-switching, for anything extra, like configure the mgmt port me0, you will need extra config.

What is it you are trying to achieve at the end of the prep?  Just software upgrade or software upgrade and IP ready?
0
 

Author Comment

by:rotarypwr
ID: 38715866
Thank you  deimark.  I see what you're saying.  These are brand new switches, so being a Cisco guy they just handed me the project and said figure it out.  Junos is totally different than IOS or even Nexus OS I've noticed.  HUGE difference... not sure if better or worse, not yet at least.  

So, I'm just loading up the new version of Junos with those steps previously mentioned.  Now I see.  I'm 100% a cisco guy and struggling with the commands.  So, after I load up the aforementioned, then I need to configure my switches? right?  At that point, I can just enter in my config file that I have separately?


 
From what I've read thus far I do the following, please pardon my learning curve.
1.>  I logon to the EX4200 as: root
2.> go into cli
3> copy my configure file like so, I changed the IP addresses so, you can ignore those if you want.  

copy and paste the following (i changed the RSA key stuff with all AAA), so please ignore that.

set system host-name KungFu
set system time-zone America/Los_Angeles
set system root-authentication encrypted-password "$1$3tlvls1z$PyrQPEIiAxMPQpxij1auz0"
set system name-server 10.10.10.10
set system name-server 10.10.10.20
set system login user brucelee uid 2000
set system login user brucelee class superuser
set system login user brucelee authentication encrypted-password "$1$S3E45Tyu$om7CdXtLEkBXdAfK3cSDS/"
set system services ftp
set system services ssh
set system services web-management https local-certificate mycert.pem
set system syslog user * any emergency
set system syslog host 10.10.11.10 any any
set system syslog host 10.10.11.10 source-address 10.10.12.10
set system syslog host 10.10.13.10 any any
set system syslog host 10.10.13.10 source-address 10.10.12.10
set system syslog host 10.10.14.10 any any
set system syslog host 10.10.14.10 source-address 10.10.12.10
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system ntp boot-server 10.10.15.10
set system ntp server 10.10.10.10    
set system ntp server 10.10.10.20
set chassis fpc 0 pic 1 sfpplus pic-mode 1g

set interfaces vlan unit 1 family inet address 10.10.12.10/24

set routing-options static route 0.0.0.0/0 next-hop 10.10.12.9

set protocols igmp-snooping vlan all
set protocols rstp
set protocols lldp interface all
set protocols lldp-med interface all
set security certificates local mycert.pem "-----BEGIN RSA PRIVATE KEY-----\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
=\n-----END CERTIFICATE-----\n"
set firewall family inet filter management-l3-access term 1 from source-address 10.10.0.0/16
set firewall family inet filter management-l3-access term 1 from source-address 10.20.0.0/16
set firewall family inet filter management-l3-access term 1 from source-address 10.10.17.0/17
set firewall family inet filter management-l3-access term 1 from destination-port ssh
set firewall family inet filter management-l3-access term 1 from destination-port https
set firewall family inet filter management-l3-access term 1 then accept
set firewall family inet filter management-l3-access term 2 from destination-port ssh
set firewall family inet filter management-l3-access term 2 from destination-port https
set firewall family inet filter management-l3-access term 2 then discard
set firewall family inet filter management-l3-access term 3 then accept
set ethernet-switching-options storm-control interface all
set vlans localnet vlan-id 1
set vlans localnet l3-interface vlan.1
set poe interface all

4.> type in the command:  commit

Thanks,
RP
0
 
LVL 18

Accepted Solution

by:
deimark earned 500 total points
ID: 38715909
Do you get any errors when you commit?  Everything seems to be there to get it working.

When you commit on junos you should get errors if the config is hooky and it will normally tell you where the error is.
0
 

Author Comment

by:rotarypwr
ID: 38715917
No, but what you said earlier made me realize I was making a stupid mistake and I think now I have figured out the "correct" way to execute this process thanks to your guidance.  

I am sure I will have some more Junos re: questions later today or in the next few days, so keeps your eyes open deimark if you're interested in taking a look.  

Thanks for your feedback and guidance!,
R
0
 
LVL 18

Expert Comment

by:deimark
ID: 38716085
Glad I could help bud. ;)
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The worst thing when starting a new job is when the previous Network Administrator left behind no documentation. How do you get into the devices? If you've been in this situation or just accidently mistyped your password, this article will hopefully…
I see many questions here on Experts Exchange regarding switch port configurations and trunks. This article is meant for beginners in the subject to help to get basic knowledge about Virtual Local Area Network (VLAN (http://en.wikipedia.org/wiki/Vir…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

837 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question