Juniper SRX minor system alarms

Juniper SRX minor system alarms

Recently we replaced one of our Juniper SRX firewalls and I had to put the new one into the cluster.
Once I had finished configuring the new device, I ran few commands to make sure everything was ok.

I want to make sure the cluster was running smoothly, make sure the system was behaving properly.

Then I came across two minor system alarms:

root@firewall-a01> show system alarms
2 alarms currently active
Alarm time               Class  Description
2013-02-26 16:11:35 UTC   Minor Rescue configuration is not set
2013-02-26 16:11:36 UTC  Minor  Autorecovery information needs to be saved

root@firewall-a01>show chassis craft-interface

All the juniper firewall is telling us is, we need to:

1) We need to set the rescue configuration
root@firewall-a01>request system configuration rescue save

2) We need to save an auto-recovery configuration
root@firewall-a01> request system autorecovery state save

This will take care of these minor alarms and everything will look nice and green.

I think these are nice features provided by Juniper. Creating a restore point where you know when things were working fine ans you can restore easily and quick is just a nice thinking.

Autorecovery

To save current state of the disk partitioning, configuration, and licenses for autorecovery.
root@firewall-a01> request system autorecovery state save
To clear all saved autorecovery information.
root@firewall-a01> request system autorecovery state clear

To perform checks and shows status of all autorecovered items.
root@firewall-a01> show system autorecovery state   
Acording to the Juniper website:
Amber and steadily on indicates a major alarm, such as low memory (less than 10% remaining), session full, maximum number of VPN tunnels reached,
HA status change, or redundant group member not found.

Trobleshooting Amber lights on SRX
root@firewall-a01>show chassis craft-interface

You should see an output similar to the one below:
Front Panel System Indicator:
Routing Engine   0
-----------------------------
OK               *
Front Panel Alarm Indicator:
----------------------------
RED            .
ORANGE         *
Front Panel HA Indicator:
-------------------------
GREEN          .
Front Panel PS Indicator:
PS             0
-------------------------
RED            .
GREEN          *

I hope this will help you guys.

by Renato de Oliveira

Configuring Juniper SRX (some commands)

Configuring Juniper (Some Commands)

How to save config to a File:
root@fw-name# save <config-11-21-10-version-1>

How to restart Firewall
root@srx100-01> request system reboot

How to display systems alarms 
root@srx100-01> show system alarms

How to set System hostname
root@srx100-01# set system host-name <hostname>

How to set the system domain name on Juniper SRX
admin@srx100-01# set system domain-name <domainname>

How to set the nameserver or resolvers for your SRX
admin@srx100-01#set system name-server <IP Nameserver>

How to set root password
root@srx100-01#set system root-authentication plain-text-password

How to create an user on Juniper SRX
root@srx100-01#set system login user <username> class super-user

How to set the new user's name password on Juniper
root@srx100-01#set system login user renato authentication plain-text-password

How to create a readonly user on SRX
admin@srx100-01# set system login user readonly class read-only

How to display the Junos version
root@srx100-01# show version

How to set Time Zone
root@srx100-01# set system time-zone Europe/London

How to set Date and Time
root@srx100-01> set date 201302170917.32

Note: The command above can be explained as follows:
2013 (year), 02 (month), 17 (day of month), 0917.32 (09:17:32am - nine o'clock, seventeen minutes and thirty two seconds a.m)

How to set Juniper to sync date and time from NTP server
root@srx100-01> set date ntp <NTPSERVER>

How to setup 2 NTP servers and have one as a preferred one
root@srx100-01# set system ntp server <NTPSERVER> version 4 prefer
root@srx100-01# set system ntp server <NTPSERVER> version 4

How to setup NTP server at boot time
root@srx100-01# set system ntp boot-server <NTPSERVER>

Hot to show NTP server configured on Juniper
root@srx100-01# show system ntp

How to show NTP status 
root@srx100-01> show ntp status

How to show the Uptime for a Juniper firewall
root@srx100-01> show system uptime | match current

How to troubleshoot NTP problems
root@srx100-01> show log messages | match ntp