Home > Juniper > How do i update my SRX210 to latest firmwire?

How do i update my SRX210 to latest firmwire?

Q. How do i update my SRX210 to latest firmwire? 
A. Go to IRC first, meet genius friends, follow this now:

## USB connected
root@% umass1: vendor 0x13fe USB DISK 2.0, rev 2.00/1.00, addr 4
da1 at umass-sim1 bus 1 target 0 lun 0
da1: < USB DISK 2.0 PMAP> Removable Direct Access SCSI-0 device 
da1: 40.000MB/s transfers
da1: 1910MB (3911680 512 byte sectors: 255H 63S/T 243C)

root@% ls /dev/da*
/dev/da0        /dev/da0s1a     /dev/da0s1e     /dev/da1
/dev/da0s1      /dev/da0s1c     /dev/da0s1f     /dev/da1s1

root@% mount /dev/da1s1 /mnt
mount: /dev/da1s1 : Invalid argument

## Mount usb
root@% mount_msdosfs /dev/da1s1 /mnt
root@% cd /mnt
root@% ls
.Trash-500                              junos-srxsme-11.1R3.5-domestic.tgz

## Copy new to old (Backup it!)
root@% cp -R junos-srxsme-11.1R3.5-domestic.tgz /var/tmp/
root@% cli

## Install request
root> request system software add no-validate no-copy unlink /var/tmp/junos-srxsme-11.1R3.5-domestic.tgz
Installing package '/var/tmp/junos-srxsme-11.1R3.5-domestic.tgz' ...
Verified junos-boot-srxsme-11.1R3.5.tgz signed by PackageProduction_11_1_0
Verified junos-srxsme-11.1R3.5-domestic signed by PackageProduction_11_1_0
Available space: 204128 require: 25022
Saving boot file package in /var/sw/pkg/junos-boot-srxsme-11.1R3.5.tgz
JUNOS 11.1R3.5 will become active at next reboot
WARNING: A reboot is required to load this software correctly
WARNING:     Use the 'request system reboot' command
WARNING:         when software installation is complete
Saving state for rollback ...
Removing /var/tmp/junos-srxsme-11.1R3.5-domestic.tgz

Removing /var/tmp/junos-srxsme-11.1R3.5-domestic.tgz

root> request system reboot   
Reboot the system ? [yes,no] (no) yes 

Shutdown NOW!
[pid 4746]

root>                                                                                
*** FINAL System shutdown message from root@ ***                             
System going down IMMEDIATELY                                                  
                                                               


set version 11.1R3.5
set system root-authentication encrypted-password "PAPA   MAMA"
set system name-server 195.130.130.1
set system name-server 195.130.131.1
set system services ssh
set system services telnet
set system services web-management http interface vlan.0
set system services web-management https system-generated-certificate
set system services web-management https interface vlan.0
set system services dhcp router 192.168.1.1
set system services dhcp pool 192.168.1.0/24 address-range low 192.168.1.2
set system services dhcp pool 192.168.1.0/24 address-range high 192.168.1.254
set system services dhcp propagate-settings ge-0/0/0.0
set system syslog archive size 100k
set system syslog archive files 3
set system syslog user * any emergency
set system syslog file messages any critical
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands error
set system max-configurations-on-flash 5
set system max-configuration-rollbacks 5
set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
set interfaces interface-range interfaces-trust member ge-0/0/1
set interfaces interface-range interfaces-trust member fe-0/0/2
set interfaces interface-range interfaces-trust member fe-0/0/3
set interfaces interface-range interfaces-trust member fe-0/0/4
set interfaces interface-range interfaces-trust member fe-0/0/5
set interfaces interface-range interfaces-trust member fe-0/0/6
set interfaces interface-range interfaces-trust member fe-0/0/7
set interfaces interface-range interfaces-trust unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/0 mac 08:00:69:02:01:fc
set interfaces ge-0/0/0 unit 0 family inet dhcp
set interfaces vlan unit 0 family inet address 192.168.1.1/24
set security screen ids-option untrust-screen icmp ping-death
set security screen ids-option untrust-screen ip source-route-option
set security screen ids-option untrust-screen ip tear-drop
set security screen ids-option untrust-screen tcp syn-flood alarm-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood attack-threshold 200
set security screen ids-option untrust-screen tcp syn-flood source-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood destination-threshold 2048
set security screen ids-option untrust-screen tcp syn-flood timeout 20
set security screen ids-option untrust-screen tcp land
set security nat source rule-set trust-to-untrust from zone trust
set security nat source rule-set trust-to-untrust to zone untrust
set security nat source rule-set trust-to-untrust rule source-nat-rule match source-address 0.0.0.0/0
set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface
set security nat destination pool dst-nat-pool-1 address 192.168.1.2/32
set security nat destination rule-set rs1 from zone untrust
set security nat destination rule-set rs1 rule r1 match destination-address 0.0.0.0/0
set security nat destination rule-set rs1 rule r1 then destination-nat pool dst-nat-pool-1
set security nat proxy-arp interface ge-0/0/0.0 address 1.1.1.100/32 to 1.1.1.101/32
set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit
set security policies from-zone untrust to-zone trust policy server-access match source-address any
set security policies from-zone untrust to-zone trust policy server-access match destination-address server-1
set security policies from-zone untrust to-zone trust policy server-access match application any
set security policies from-zone untrust to-zone trust policy server-access then permit
set security zones security-zone trust address-book address server-1 192.168.1.2/32
set security zones security-zone trust host-inbound-traffic system-services all
set security zones security-zone trust host-inbound-traffic protocols all
set security zones security-zone trust interfaces vlan.0
set security zones security-zone untrust screen untrust-screen
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services dhcp
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services tftp
set vlans vlan-trust vlan-id 3          
set vlans vlan-trust l3-interface vlan.0
                                        
[edit]
root#
Advertisements
Categories: Juniper
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: