?
Solved

Defaulting a Branch Juniper SRX240

Posted on 2016-10-29
5
Medium Priority
?
65 Views
Last Modified: 2016-11-07
Hello, I am typically a cisco guy, but I was giving a couple of Juniper SRX240's to deploy in my lab and I am having a hard time defaulting the password.  I am able to boot into boot -s by disabling watchdog.  But it appears these devices are in cluster mode and when I run set system root-authentication plain-text-password and hit commit, I get this:

root# commit
[edit]
  'ge-0/0/1'
     HA control port cannot be configured
error: Interface <ge-0/0/1.0> vlan member <vlan-trust> undefined
error: configuration check-out failed

{hold:node0}[edit]

I have a strong feeling it is because of the cluster mode, how do I fix this so I can reboot it and get into factory default config to run?>
0
Comment
Question by:tomtom9898
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 30

Expert Comment

by:Predrag
ID: 41865611
You can do it in a few different ways, depending on what is available to you.
If you know password:
[edit]
user@switch# load factory-default
[edit]
user@switch# set system root-authentication plain-text-password
[edit]
user@switch# commit and-quit

You can also reset device configuration by using hardware reset procedure.
Recovering root password for SRX device
0
 
LVL 30

Accepted Solution

by:
Predrag earned 2000 total points
ID: 41865630
Also you can revert pending changes first (if any) by issuing:

rollback 0
commit

in config mode.
0
 

Author Comment

by:tomtom9898
ID: 41866439
Great idea. Let me try that
0
 

Author Comment

by:tomtom9898
ID: 41866446
My problem is this HA, it appears the hardware reset button does not work.  I am not sure how to get it out of cluster mode.  See blow:

root# commit confirmed
[edit]
  'ge-0/0/1'
     HA control port cannot be configured
error: configuration check-out failed

{hold:node0}[edit]
root#
0
 

Author Comment

by:tomtom9898
ID: 41866448
user@host# delete vlans
user@host# delete interfaces vlan
user@host# delete interfaces interface-range interfaces-trust
user@host# delete security zones security-zone trust interfaces
user@host# commit

This finally let me commit...
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question