Junos OS

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about Junos OS.
  • 1.  J2320 - Cannot Get IP or Access J-Web

    Posted 05-07-2017 12:27

    Hello,

     

    I know the J2320 is EOL, but I am really hoping someone here can help me with a problem that I'm hoping is easy to solve.

     

    I recently purchased a second hand J-Series J2320 router, but I cannot access the J-Web interface. My management device cannot get an IP from the J2320.

     

    My configuration has been restored to the factory default:

     

    root> show configuration
    ## Last commit: 2017-05-07 14:33:52 UTC by root
    version 12.1X46-D60.4;
    system {
        autoinstallation {
            delete-upon-commit; ## Deletes [system autoinstallation] upon change/commit
            traceoptions {
                level verbose;
                flag {
                    all;
                }
            }
        }
        services {
            ssh;
            web-management {
                http {
                    interface ge-0/0/0.0;
                }
            }
        }
        syslog {
            user * {
                any emergency;
            }
            file messages {
                any any;
                authorization info;
            }
            file interactive-commands {
                interactive-commands any;
            }
        }
        license {
            autoupdate {
                url https://ae1.juniper.net/junos/key_retrieval;
            }
        }
        ## Warning: missing mandatory statement(s): 'root-authentication'
    }
    interfaces {
        ge-0/0/0 {
            unit 0;
        }
    }
    security {
        screen {
            ids-option untrust-screen {
                icmp {
                    ping-death;
                }
                ip {
                    source-route-option;
                    tear-drop;
                }
                tcp {
                    syn-flood {
                        alarm-threshold 1024;
                        attack-threshold 200;
                        source-threshold 1024;
                        destination-threshold 2048;
                        timeout 20;
                    }
                    land;
                }
            }
        }
        policies {
            from-zone trust to-zone trust {
                policy default-permit {
                    match {
                        source-address any;
                        destination-address any;
                        application any;
                        source-identity any;
                    }
                    then {
                        permit;
                    }
                }
            }
            from-zone trust to-zone untrust {
                policy default-permit {
                    match {
                        source-address any;
                        destination-address any;
                        application any;
                        source-identity any;
                    }
                    then {
                        permit;
                    }
                }
            }
            from-zone untrust to-zone trust {
                policy default-deny {
                    match {
                        source-address any;
                        destination-address any;
                        application any;
                        source-identity any;
                    }
                    then {
                        deny;
                    }
                }
            }
        }
        zones {
            security-zone trust {
                tcp-rst;
                interfaces {
                    ge-0/0/0.0 {
                        host-inbound-traffic {
                            system-services {
                                http;
                                https;
                                ssh;
                                telnet;
                                dhcp;
                            }
                        }
                    }
                }
            }
            security-zone untrust {
                screen untrust-screen;
            }
        }
    }
    
    

     

     

     

    When my management device is plugged in (to ge-0/0/0.0, or ge-0/0/0.1, or any other of the front ports), it's ipconfig settings show:

     

    Ethernet adapter Ethernet 2:
    
       Connection-specific DNS Suffix  . :
       Autoconfiguration IPv4 Address. . : 169.254.213.208
       Subnet Mask . . . . . . . . . . . : 255.255.0.0
       Default Gateway . . . . . . . . . :
    

    The 169 address showing that it has not discovered an ip address. Manually assigning one and even attempting to set up routes doesnt allow access to the J2320.

     

     

    Using Wireshark, I am able to see that my management device is making DHCP discover requests, but the J2320 is never responding with an IP. I do see RARP broadcast requests coming from the J2320 ("Who is 78:19:f7:x:x:x? tell 78:19:f7:x:x:x)

     

    I have tried manually configuring DHCP settings on the J2320, trying to set up the DHCP server (https://www.juniper.net/documentation/en_US/junos12.3/topics/task/configuration/dhcp-server-j-series-configuring.html😞

     

    configure
    edit system services dhcp
    set next-server 192.168.2.5
    set pool 192.168.2.0/24 address-range low 192.168.2.2 high 192.168.2.254      -- type it in, dont paste
    set pool 192.168.2.0/24 default-lease-time 1209600 maximum-lease-time 2419200
    set pool 192.168.2.0/24 domain-search test.local
    set pool 192.168.2.0/24 exclude-address 192.168.2.33
    set pool 192.168.2.0/24 name-server 192.168.2.2

     

     

    But i get this message:

     

    root> restart dhcp-service gracefully
    warning: dhcp-service subsystem not running - not needed by configuration.
    

     

     

    In case it was a security zones issue I've also tried:

     

    delete security
    set security forwarding-options family mpls mode packet-based

     

    The factory default not working is concerning. I feel like there is something fundamental that I am missing.

     

     

    Can anyone help me out?

     

     



  • 2.  RE: J2320 - Cannot Get IP or Access J-Web
    Best Answer

    Posted 05-08-2017 16:26

    You don't seem to have an interface configured for the dhcp gateway and the ip address as part of your dhcp configuration.

     

    set system services dhcp router 192.168.2.1

     

    set interfaces ge-0/0/0 unit 0 family inet address 192.168.1.1/24



  • 3.  RE: J2320 - Cannot Get IP or Access J-Web

    Posted 05-08-2017 17:57

    Thank you 

     

     

     

    Boot into the console
    Enter the CLI configuration by running: cli
    Enter configuration by entering: configure
    Enter a password (required to commit your configuration): set system root-authentication plain-text-password
    Then, configure the router according to spuluka's solution:
    edit system services dhcp
    set system services dhcp router 192.168.2.1
    set interfaces ge-0/0/0 unit 0 family inet address 192.168.2.1/24
    set pool 192.168.2.0/24 address-range low 192.168.2.2 high 192.168.2.254
    set pool 192.168.2.0/24 default-lease-time 1209600 maximum-lease-time 2419200
    commit
    exit
    exit

    Unplug and re-plug in your management device into port 0. Enjoy the access to J-Web 🙂