martedì 19 maggio 2015

JUNIPER SRX 1400 Firmware Upgrade

Buon salve all,
how are you? How does proceed your digital life?

Today we speak about....Juuuuniiiiipeeeer!!!
Yes, you understand correctly, I speak again of Juniper firewalls and in particular SRX 1400 models.
It's the second time I have to update the firmware of a SRX 1400, and it's te second time I encounter some issues.

The first procedure I try to follow, it has been the upgrade directly from Web Interface.



The web pages doesn't proceed on the following steps. (Instead I used this procedure for, for example, SRX240 or lower). I have tried both with Internet Explorer, both with Firefox and also with Chrome. The results it has been always the same: failure.

So I have decided to try with the second procedure: ftp and tftp upload of the file and request of the firmware upgrade via console. I report, the procedure I have followed (Juniper Link), below.

Follow these steps to copy the software to the SRX device and then perform the software installation via the CLI:

Copy software to SRX via SCP or FTP to /var/tmp:

For example:
user@srx>  scp  junos-srxsme-11.4R4.4-domestic.tgz  user@srx:/var/tmp/junos-srxsme-11.4R4.4-domestic.tgz

OR

user@srx>  ftp <ip address of local ftp server>  (and login)
user@srx>  lcd /var/tmp
user@srx>  bin
user@srx>  get junos-srxsme-11.4R4.4-domestic.tgz
user@srx>  bye

Install software with the commands below.  For detailed instructions, refer to Installing the Software.

For example:
From the local file in /var/tmp
user@srx>  request system software add no-copy /var/tmp/junos-srxsme-11.4R4.4-domestic.tgz
user@srx>  request system reboot

The results it has been the same as before: failure. It was not possible to open the ftp server installed in the client. The communication between SRX1400 and client was ok (they can ping each other). No windows firewall onboard the PC.



So I have decided to try with the third and solving procedure: upload the file from a USB stick and request of the firmware upgrade via console. I report, the procedure I have followed (Juniper Link), below.

Follow these steps to install the software via the CLI from a USB stick:

Download the Junos upgrade file to the USB stick.

Locate the USB device ID that Junos is associating to the USB stick:

user@srx> start shell
user@srx% ls /dev/


Insert the USB device into the USB slot.  For example, slot 0 would return the following:

root# umass0: USB USBFlashDrive, rev 2.00/1.00, addr 2
da0 at umass-sim0 bus 0 target 0 lun 0
da0: <USB USBFlashDrive 0100> Removable Direct Access SCSI-0 device
da0: 1.000MB/s transfers
da0: 980MB (2007040 512 byte sectors: 64H 32S/T 980C)


Run the following command

user@srx% ls /dev/

Locate difference in outputs to locate drive label. (It will usually be da#s1, i.e. da0s1)

Create a mount directory:

user@srx% mkdir /tmp/usb

Mount the USB to the directory:

user@srx% mount -t msdosfs /dev/<drivelabel, e.g. #da0s1> /tmp/usb

Example:
user@srx% mount -t msdosfs /dev/da0s1 /tmp/usb (there is a space between the label name and /tmp)


Verify that the USB is mounted to the device:
root@% pwd
/cf/root
root@% cd /tmp/usb/
root@% pwd
/cf/tmp/usb
root@% ls
junos-jsr-11.4R5.7-export.tgz


Exit shell and install the software:

user@srx% exit
user@srx> request system software add /tmp/usb/<upgrade filename> no-validate no-copy


For additional details regarding a software installation, refer to the instructions at Installing the Software.
Upon completion, reboot the SRX, BUT BEFORE REMOVE THE USB DEVICE FROM SRX (if not the SRX try to boot from USB Device - My personal note due to personal experience ;) )

user@srx> request system reboot


This procedure it has been to one that solved my issue...two times.


And for today it's all.

I hope this post can help you and your troubleshooting! 
Have a nice digitalday!
DiGiTsHaMaN

1 commento: