Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Defaulting a Branch Juniper SRX240

Posted on 2016-10-29
Medium Priority
Last Modified: 2016-11-07
Hello, I am typically a cisco guy, but I was giving a couple of Juniper SRX240's to deploy in my lab and I am having a hard time defaulting the password.  I am able to boot into boot -s by disabling watchdog.  But it appears these devices are in cluster mode and when I run set system root-authentication plain-text-password and hit commit, I get this:

root# commit
     HA control port cannot be configured
error: Interface <ge-0/0/1.0> vlan member <vlan-trust> undefined
error: configuration check-out failed


I have a strong feeling it is because of the cluster mode, how do I fix this so I can reboot it and get into factory default config to run?>
Question by:tomtom9898
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 31

Expert Comment

ID: 41865611
You can do it in a few different ways, depending on what is available to you.
If you know password:
user@switch# load factory-default
user@switch# set system root-authentication plain-text-password
user@switch# commit and-quit

You can also reset device configuration by using hardware reset procedure.
Recovering root password for SRX device
LVL 31

Accepted Solution

Predrag earned 2000 total points
ID: 41865630
Also you can revert pending changes first (if any) by issuing:

rollback 0

in config mode.

Author Comment

ID: 41866439
Great idea. Let me try that

Author Comment

ID: 41866446
My problem is this HA, it appears the hardware reset button does not work.  I am not sure how to get it out of cluster mode.  See blow:

root# commit confirmed
     HA control port cannot be configured
error: configuration check-out failed


Author Comment

ID: 41866448
user@host# delete vlans
user@host# delete interfaces vlan
user@host# delete interfaces interface-range interfaces-trust
user@host# delete security zones security-zone trust interfaces
user@host# commit

This finally let me commit...

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question