Solved

Defaulting a Branch Juniper SRX240

Posted on 2016-10-29
5
63 Views
Last Modified: 2016-11-07
Hello, I am typically a cisco guy, but I was giving a couple of Juniper SRX240's to deploy in my lab and I am having a hard time defaulting the password.  I am able to boot into boot -s by disabling watchdog.  But it appears these devices are in cluster mode and when I run set system root-authentication plain-text-password and hit commit, I get this:

root# commit
[edit]
  'ge-0/0/1'
     HA control port cannot be configured
error: Interface <ge-0/0/1.0> vlan member <vlan-trust> undefined
error: configuration check-out failed

{hold:node0}[edit]

I have a strong feeling it is because of the cluster mode, how do I fix this so I can reboot it and get into factory default config to run?>
0
Comment
Question by:tomtom9898
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 30

Expert Comment

by:Predrag
ID: 41865611
You can do it in a few different ways, depending on what is available to you.
If you know password:
[edit]
user@switch# load factory-default
[edit]
user@switch# set system root-authentication plain-text-password
[edit]
user@switch# commit and-quit

You can also reset device configuration by using hardware reset procedure.
Recovering root password for SRX device
0
 
LVL 30

Accepted Solution

by:
Predrag earned 500 total points
ID: 41865630
Also you can revert pending changes first (if any) by issuing:

rollback 0
commit

in config mode.
0
 

Author Comment

by:tomtom9898
ID: 41866439
Great idea. Let me try that
0
 

Author Comment

by:tomtom9898
ID: 41866446
My problem is this HA, it appears the hardware reset button does not work.  I am not sure how to get it out of cluster mode.  See blow:

root# commit confirmed
[edit]
  'ge-0/0/1'
     HA control port cannot be configured
error: configuration check-out failed

{hold:node0}[edit]
root#
0
 

Author Comment

by:tomtom9898
ID: 41866448
user@host# delete vlans
user@host# delete interfaces vlan
user@host# delete interfaces interface-range interfaces-trust
user@host# delete security zones security-zone trust interfaces
user@host# commit

This finally let me commit...
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question