Within this tutorial we will be providing the steps required to upgrade your Juniper SRX firewall.
Table of Contents
First of all we copy the image over to the SRX via the use of scp. In this case I have used putty’s pscp.
C:\Windows\System32>pscp “C:\Users\admin\Downloads\junos-srxsme-11.4R1.6-domestic.tgz” root@[SRX IP]:/mfs
Next we confirm that the file is complete and is not corrupted by clarifying the MD5 hash of the file. The MD5 files can be obtained from the same page as the image files from within Junipers download section.
root@srx100> start shell
root@srx100% md5 /mfs/junos-srxsme-11.4R1.6-domestic.tgz
MD5 (/mfs/junos-srxsme-11.4R1.6-domestic.tgz) = 1a98b252c4b74f4de0ff8a87bf95194f
The device is then upgraded by issuing the following command.
root@srx100> request system software add no-copy validate /mfs/junos-srxsme-11.4R1.6-domestic.tgz
Formatting alternate root (/dev/da0s2a)…
/dev/da0s2a: 298.0MB (610284 sectors) block size 16384, fragment size 2048
using 4 cylinder groups of 74.50MB, 4768 blks, 9600 inodes.
super-block backups (for fsck -b #) at:
32, 152608, 305184, 457760
Checking compatibility with configuration
Verified manifest signed by PackageProduction_11_1_0
Verified junos-11.1R1.10-domestic signed by PackageProduction_11_1_0
Using junos-11.4R1.6-domestic from /altroot/cf/packages/install-tmp/junos-11.4R1.6-domestic
Copying package …
Verified manifest signed by PackageProduction_11_4_0
Hardware Database regeneration succeeded
Validating against /config/juniper.conf.gz
cp: /cf/var/validate/chroot/var/etc/resolv.conf and /etc/resolv.conf are identical (not copied).
cp: /cf/var/validate/chroot/var/etc/hosts and /etc/hosts are identical (not copied).
mgd: commit complete
Validating against /config/rescue.conf.gz
mgd: commit complete
rm: /cf/var/validate/chroot/cf/opt/bin: Directory not empty
rm: /cf/var/validate/chroot/cf/opt/etc: Directory not empty
rm: /cf/var/validate/chroot/cf/opt: Directory not empty
rm: /cf/var/validate/chroot/cf: Directory not empty
rm: /cf/var/validate/chroot: Directory not empty
Installing package ‘/altroot/cf/packages/install-tmp/junos-11.4R1.6-domestic’ …
Verified junos-boot-srxsme-11.4R1.6.tgz signed by PackageProduction_11_4_0
Verified junos-srxsme-11.4R1.6-domestic signed by PackageProduction_11_4_0
JUNOS 11.4R1.6 will become active at next reboot
WARNING: A reboot is required to load this software correctly
WARNING: Use the ‘request system reboot’ command
WARNING: when software installation is complete
Saving state for rollback …
Once the device has been rebooted via the use of ‘request system reboot’ the new version can be verified.
root@srx100> show version
JUNOS Software Release [11.4R1.6]
In the event of the upgrade reporting errors relating to disk space the following commands can be used to clear disk space.
request system storage cleanup
request system software delete-backup
To roll back the following command can be used.
request system software rollback
- How to Configure a BIND Server on Ubuntu - March 15, 2018
- What is a BGP Confederation? - March 6, 2018
- Cisco – What is BGP ORF (Outbound Route Filtering)? - March 5, 2018
Want to become an IT Security expert?
Here is our hand-picked selection of the best courses you can find online:
Internet Security Deep Dive course
Complete Cyber Security Course – Hackers Exposed
CompTIA Security+ (SY0-601) Certification Complete course
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial