Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 112
  • Last Modified:

Defaulting a Branch Juniper SRX240

Hello, I am typically a cisco guy, but I was giving a couple of Juniper SRX240's to deploy in my lab and I am having a hard time defaulting the password.  I am able to boot into boot -s by disabling watchdog.  But it appears these devices are in cluster mode and when I run set system root-authentication plain-text-password and hit commit, I get this:

root# commit
[edit]
  'ge-0/0/1'
     HA control port cannot be configured
error: Interface <ge-0/0/1.0> vlan member <vlan-trust> undefined
error: configuration check-out failed

{hold:node0}[edit]

I have a strong feeling it is because of the cluster mode, how do I fix this so I can reboot it and get into factory default config to run?>
0
tomtom9898
Asked:
tomtom9898
  • 3
  • 2
1 Solution
 
JustInCaseNetwork EngineerCommented:
You can do it in a few different ways, depending on what is available to you.
If you know password:
[edit]
user@switch# load factory-default
[edit]
user@switch# set system root-authentication plain-text-password
[edit]
user@switch# commit and-quit

You can also reset device configuration by using hardware reset procedure.
Recovering root password for SRX device
0
 
JustInCaseNetwork EngineerCommented:
Also you can revert pending changes first (if any) by issuing:

rollback 0
commit

in config mode.
0
 
tomtom9898Author Commented:
Great idea. Let me try that
0
 
tomtom9898Author Commented:
My problem is this HA, it appears the hardware reset button does not work.  I am not sure how to get it out of cluster mode.  See blow:

root# commit confirmed
[edit]
  'ge-0/0/1'
     HA control port cannot be configured
error: configuration check-out failed

{hold:node0}[edit]
root#
0
 
tomtom9898Author Commented:
user@host# delete vlans
user@host# delete interfaces vlan
user@host# delete interfaces interface-range interfaces-trust
user@host# delete security zones security-zone trust interfaces
user@host# commit

This finally let me commit...
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now