How to Set Up the SRX Services Gateway
The most common way to configure a newly installed Juniper SRX Services Gateway is by using the RJ-45 serial console port. After all, someone has to actually be at the device to install it (remote hardware installation might be possible someday, but that’s a long way off).
Another reason is that access via any of the other methods (management port, J-web, NSM) on high-end SRX platforms requires initial configuration of modular components, whereas the console port on low-end SRX devices uses the default factory configuration because of their fixed hardware configuration.
When you connect to the console port, you need the SRX console cable that shipped with the device, a computer (usually a laptop) with a serial port (or provide a USB-to-serial adapter), and a terminal emulation application on the computer, such as the Windows Hyper Terminal.
To access the SRX through the console port, do the following:
Connect the cable between the computer port and the SRX console port.
Open the terminal emulation program by clicking on it or running it.
In the terminal emulation program, set the COM port options to 9600 bits per second, 8 data bits, no parity, 1 stop bit, and no flow control.
Click Open or Connect (the term varies in different applications).
Apple computers are a little more complex. You’ll need a USB-to-serial adapter to connect the cable to the console port, and you also need to know the name of the device using the $ ls /dev/ command. After you determine this name, open a terminal window and type $ screen /dev/device-name 9600, where device-name is the name determined for the SRX.
If you connect during the boot process, you will see a mass of scrolling messages on the screen. After the new SRX boots and is stable, you will see a login prompt for SRX Amnesiac (meaning the system has amnesia and does not remember who it is):
Amnesiac (ttyu0) Login:
If the SRX is not new, the prompt may be very different. It may include a banner, and the system will recall its name. The key is that the word Amnesiac will not appear.
At this point, you can log in with “root” as the username and no password (especially in Amnesiac mode). Then you see something like this:
--- JUNOS 10.1R1.8 built 2010-07-12 18:31:54 UTC root@%
If the “root” username does not work, the SRX is not using the default factory configuration. There may be legitimate reasons for not deleting all configuration information, and there is a way to reset the root or super-user account password.
Any SRX running Junos 10.4 or higher makes use of wizards in J-web to make the whole thing even simpler. If you’re a newbie, start with the wizards to get it running; then take the time to experiment with other J-web tools and the CLI.