Solved

Defaulting a Branch Juniper SRX240

Posted on 2016-10-29
5
41 Views
Last Modified: 2016-11-07
Hello, I am typically a cisco guy, but I was giving a couple of Juniper SRX240's to deploy in my lab and I am having a hard time defaulting the password.  I am able to boot into boot -s by disabling watchdog.  But it appears these devices are in cluster mode and when I run set system root-authentication plain-text-password and hit commit, I get this:

root# commit
[edit]
  'ge-0/0/1'
     HA control port cannot be configured
error: Interface <ge-0/0/1.0> vlan member <vlan-trust> undefined
error: configuration check-out failed

{hold:node0}[edit]

I have a strong feeling it is because of the cluster mode, how do I fix this so I can reboot it and get into factory default config to run?>
0
Comment
Question by:tomtom9898
  • 3
  • 2
5 Comments
 
LVL 27

Expert Comment

by:Predrag Jovic
ID: 41865611
You can do it in a few different ways, depending on what is available to you.
If you know password:
[edit]
user@switch# load factory-default
[edit]
user@switch# set system root-authentication plain-text-password
[edit]
user@switch# commit and-quit

You can also reset device configuration by using hardware reset procedure.
Recovering root password for SRX device
0
 
LVL 27

Accepted Solution

by:
Predrag Jovic earned 500 total points
ID: 41865630
Also you can revert pending changes first (if any) by issuing:

rollback 0
commit

in config mode.
0
 

Author Comment

by:tomtom9898
ID: 41866439
Great idea. Let me try that
0
 

Author Comment

by:tomtom9898
ID: 41866446
My problem is this HA, it appears the hardware reset button does not work.  I am not sure how to get it out of cluster mode.  See blow:

root# commit confirmed
[edit]
  'ge-0/0/1'
     HA control port cannot be configured
error: configuration check-out failed

{hold:node0}[edit]
root#
0
 

Author Comment

by:tomtom9898
ID: 41866448
user@host# delete vlans
user@host# delete interfaces vlan
user@host# delete interfaces interface-range interfaces-trust
user@host# delete security zones security-zone trust interfaces
user@host# commit

This finally let me commit...
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question