Junos OS

 View Only
last person joined: 7 days ago 

Ask questions and share experiences about Junos OS.
  • 1.  SRX300 upgraded to 22.4R3.25 - Web Login forever shows "Fetching Information" and never allows actual login.

    Posted 02-27-2024 20:04
    Edited by bkamen 02-27-2024 20:04


    I finally got this one SRX300 upgraded out of JunOS 15... and somewhere in 20.4 or something, I see this at the login. 

    I can login via serial console or SSH. The config has been reset to factory defaults with the only change being making ge-0/0/7.0 a static IP and allowing http/https access in the zones rules. 

    I did not engage the initial config wizard. 

    What else am I missing? 

    Thanks,

     -Ben



    ------------------------------
    Ben Kamen
    ------------------------------



  • 2.  RE: SRX300 upgraded to 22.4R3.25 - Web Login forever shows "Fetching Information" and never allows actual login.

    Posted 02-28-2024 03:40

    Hi Ben,

    I would recommend staying on the JTac recommend version which is currently 21.4R3-S5, a full list can be found here https://supportportal.juniper.net/s/article/Junos-Software-Versions-Suggested-Releases-to-Consider-and-Evaluate.

    If you want/or need to stay on 22.4 I would recommend the latest S version.



    ------------------------------
    HARRY
    ------------------------------



  • 3.  RE: SRX300 upgraded to 22.4R3.25 - Web Login forever shows "Fetching Information" and never allows actual login.

    Posted 02-28-2024 12:49
    Edited by bkamen 02-28-2024 15:36

    I spoke with Juniper support barking at them as to when the updated software would be available that fixes that nasty CVE.

    I was told Feb. 15th. So I waited and then Poof - this version is the latest version (published on Feb 10th).

    But this was happening as I gradually rolled up from JunOS 15 up to 19 up to 20 then 21 then 22 starting with (I think) 20.2Rsomething.

    So I don't think switching back to the recommended version will fix this weird problem. 

    Any other thoughts that come to mind?



    ------------------------------
    Ben Kamen
    ------------------------------



  • 4.  RE: SRX300 upgraded to 22.4R3.25 - Web Login forever shows "Fetching Information" and never allows actual login.

    Posted 02-29-2024 05:47

    Hi Ben,

    Since you have performed upgrade from as far back as 15.1 it is likely your system is still using old cryptographic keys. These are not typically reset by loading factory default configuration. You will need to initiate a `request system zeroize`. This deletes everything including old crypto keys, system cache and deamon files.


    There are some articles regarding upgrading the TPM Firmware, if you are confident with it... 
    https://supportportal.juniper.net/s/article/SRX-Upgrading-TPM-Firmware-on-SRX-Devices?language=en_US  
    https://webdownload.juniper.net/swdl/dl/secure/site/1/record/155102.html?pf=SRX300

    I would start with the zeroize... lol
    The system will automatically generate new certificates or you can use your own. And any potentially corrupt system cache files will be cleared. 



    ------------------------------
    GAVIN WHITE
    ------------------------------