Juniper SRX: Initial Lab Setup
The Juniper SRX device is Jeniper security applicance with security, routing, and networking features. The security feature includes NGF, IPS, UTM, and more. SRX stands for security, routing, and networking.
I started the setup of my 2 Juniper SRX 320 device today and it did not start the way I tought it would. Let me tell you what happen.
What I got in the boxes
Here is what I got in the box:
- the SRX320 firewall device
- two console cables (DB9 to RJ-45 and usb to mini-usb)
- and a quite big PSU
It box contains basically anything you would need to get up and running.
Configuring the Juniper SRX320 Device
I am going to configure the device for my homelab and this is the initial configuration. So there will not be anything much in it. Just the basic to start with then change the configuration based on the lab I am woring on. I will be posting a series of the labs I am doing in my blog here.
Junos version
See what version of Junos came with the device:
show version
show system information
Factory configuration
To see the factory configuration, run:
show configuration
We can specify the topic after this command to see the configuration of the selected topic. For example show configuration security to see the security configuration of the SRX device.
We can even select a sub topic to see even filtered configuration. For example show configuration security policies to see security policies related configuration.
This is going to help us later to filter the configuration to see only the configuration we want to see.
Initial cleanup
After power on the device, I started receiving the logs you can see on the screen. Clearing it with the command delete chassis auto-image-upgrade did not work. It required the root password to be setup first. After the root setting up the root password, the problem disapeared.
Root user password
Juniper device comes with the root user created without a password. So, the first business of the day is to setup the root user password. Here is how we do it in the CLI.
set system root-authentication plain-text-password
Now the root user is setup. See the configuration with:
show configuration system root-authentication
Hostname, date, and timezone
For the initial setup, the device time is not going to be synchronized with an NTP server. That may be part of a future lab. The date module takes YYYYMMDDHHMM time format. The date and time is setup in the operational mode and not in the configuration mode.
set date 202512241105
To view the time and date, run:
show system uptime
Since we have two SRX device distinct hostnames would be helpful.
[edit]
set system host-name SRX1
set system time-zone America/Chicago
To view the configured timezone:
show configuration system timezone
User accounts and permissions
Junos devices came with the root user account. I am going to need a non root user for my labs.
To create a new user, run:
[edit]
set system login user sam full-name "Mamadou Sandwidi"
Let's add the new user to a login class. For now I am going to use a predefined login class. We will make our own later during lab time.
set system login user sam class super-user
then add the password for the new user with:
set system login user sam authentication plain-text-password
View the newly configured user with:
[edit]
show system login user sam
Interfaces and VLANs
Let see the available interfaces.
show interfaces terse | no-more
That is a lot. Let only see the gigabit interfaces since they are the one I will be working the most with.
show interfaces ge-* terse
Clear SRX device data
request system zeroize
Conclusion
From here I think we are all good for the first basic Juniper SRX labs. See you in a moment.