SRX

 View Only
last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  Lost access to SSH need to skip setup wizard

    Posted 09-07-2023 10:42

    I have 2 SRX340 firewalls that have lost access to SSH. SSH access was locked down to the main data center subnet. Long story short the site-to-site VPN between the data center and these two sites is down. At other sites with this issue, I was able to log into Jweb and add a new subnet to SSH from to the policy-options > prefix-list, and that worked fine. Unfortunately, these two sites go to the setup wizard when logging into jweb and I can't seem to get around it to add the new subnet. Is there any way to load the full jweb when the SRX keeps loading the setup wizard. Note that the two units throwing the setup wizard have been in production for at least a year.



    ------------------------------
    BRIAN HOLZAPFEL
    ------------------------------


  • 2.  RE: Lost access to SSH need to skip setup wizard

    Posted 09-09-2023 09:16

    Are you able to connect via cli and check the web management configuration.

    show configuration system services web-management

    I can't find the documentation but seem to remember there is some statement here that gets removed after the wizard is run and might still be in your configuration.



    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
    http://puluka.com/home
    ------------------------------



  • 3.  RE: Lost access to SSH need to skip setup wizard

    Posted 09-11-2023 11:05
    Edited by BRIAN HOLZAPFEL 09-12-2023 08:53

    ** Removed double post



  • 4.  RE: Lost access to SSH need to skip setup wizard

    Posted 09-11-2023 11:05

    I know the command to turn it off from the CLI, "delete system autoinstallation"

    My issue is I can't access the CLI because it is locked down to a subnet that is unreachable because the Site to Site changed unexpectedly. I have 84 sites that have VPNs back to the main site and have been able to update the VPN using GUI in all but two. Those two sites have the GUI defaulting to the setup wizard. I need to bypass the GUI so I can change the VPN, then I can access the CLI and deal with the setup issue.



    ------------------------------
    BRIAN HOLZAPFEL
    ------------------------------