Juniper SRX210 initial recovery and upgrade
I recently bought an SRX210B cheaply on eBay. This unit is EOL but still relevant for learning Junos OS. This post follows the setup of the unit once received, from password recovery to OS upgrade.
factory reset » reset config button srx
To reset a device, hold the power button for 15 seconds; it will then load the factory default recovery settings. By default the root account has no password.
After performing this on my device I connected to the ge 1 interface and it became clear the default recovery password had been set, so I had to root the device to change it.
rooting device » recovering root password
Rooting a device is easy but you need a serial or console cable. I used this specific USB console cable with my Mac laptop.
Steps
- Attach the console cable to the SRX210 and a USB port on the Mac.
- Launch screen to attach to the console
$ screen /dev/tty.usbserial-AB0JR58M 9600
- Power on the device
- Wait for the boot loader prompt, then press space multiple times to enter bootstrap
Hit [Enter] to boot immediately, or space bar for command prompt.
Booting [kernel] in 9 seconds...
- at bootstrap enter boot -s for single user mode.
loader> boot -s
- type ‘recovery’ when prompted then hit return
Enter full path name of shell or 'recovery' for root password recovery or RETURN for /bin/sh: recovery
- enter configuration mode
Starting CLI ...
root> configure
Entering configuration mode
- set new password
root# set system root-authentication plain-text-password
New password:
Retype new password:
- commit changes
root# commit
exit
commit complete
- exit and reboot
root# exit
Exiting configuration mode
root> exit
Reboot the system? [y/n]
After reboot I was then able to log into the device over the serial cable. I was also able to SSH to the device using the root account, with a DHCP-assigned address when attached to the ge1 interface port.
corrupt primary partition » Configuring Root Partitions on SRX Series Devices
After resetting the password I also found that it was booting into the alt root, as it has a dual root partition setup. To repair this you need to copy back to the primary partition. This doesn't take more than 5-10 mins and a reboot.
Steps
- Restore primary partition
root> request system snapshot slice alternate
Formatting alternate root (/dev/da0s1a)...
Copying '/dev/da0s2a' to '/dev/da0s1a' .. (this may take a few minutes)
The following filesystems were archived: /
- After a successful copy, reboot the SRX
root> request system reboot
- confirm the device is booting from the current primary (not always the first partition number)
root> show system storage partitions
Boot Media: internal (da0)
Active Partition: da0s1a
Backup Partition: da0s2a
Currently booted from: active (da0s1a)
Partitions information:
Partition Size Mountpoint
s1a 293M /
s2a 293M altroot
s3e 24M /config
s3f 342M /var
s4a 30M recovery
- Check for faults on the device
root> show chassis alarms
No alarms currently active
device version and info
Now I can take a look at software versions and hardware info.
- When connected to console or ssh, enter the cli
% cli
- print the currently installed Junos OS version.
root> show version
Model: srx210b
JUNOS Software Release [11.4R12.4]
- print the hardware information with detail
root> show chassis hardware detail
Hardware inventory:
Item Version Part number Serial number Description
Chassis AC1510AA0125 SRX210b
Routing Engine REV 38 750-021778 AABM5957 RE-SRX210B
da0 999 MB ST72682 Nand Flash
usb0 (addr 1) DWC OTG root hub 0 vendor 0x0000 uhub0
usb0 (addr 2) product 0x005a 90 vendor 0x0409 uhub1
usb0 (addr 3) ST72682 High Speed Mode 64218 STMicroelectronics umass0
FPC 0 FPC
PIC 0 2x GE, 6x FE, 1x 3G
Power Supply 0
- get the routing engine status
root> show chassis routing-engine
Routing Engine status:
Temperature 40 degrees C / 104 degrees F
Total memory 512 MB Max 420 MB used ( 82 percent)
Control plane memory 336 MB Max 306 MB used ( 91 percent)
Data plane memory 176 MB Max 113 MB used ( 64 percent)
CPU utilization:
User 13 percent
Background 0 percent
Kernel 16 percent
Interrupt 0 percent
Idle 72 percent
Model RE-SRX210B
Serial ID AABM5957
Start time 2020-01-29 14:49:04 UTC
Uptime 7 minutes, 15 seconds
Last reboot reason 0x200:normal shutdown
Load averages: 1 minute 5 minute 15 minute
0.75 2.35 1.33
- check for device alarms
root> show chassis alarms
No alarms currently active
- review current dual partition state and version
root> show system snapshot media internal
Information for snapshot on internal (/dev/da0s1a) (backup)
Creation date: Feb 3 13:13:06 2020
JUNOS version on snapshot:
junos : 11.4R12.4-domestic
Information for snapshot on internal (/dev/da0s2a) (primary)
Creation date: Jan 29 14:46:39 2020
JUNOS version on snapshot:
junos : 11.4R12.4-domestic
- get the current active boot partition; this should be the primary from the previous step
root> show system storage partitions
Boot Media: internal (da0)
Active Partition: da0s2a
Backup Partition: da0s1a
Currently booted from: active (da0s2a)
- poweroff
root> request system power-off
Junos OS supported versions
Because this unit is EOL it's difficult to know which Junos versions it supports. I found this forum with the most likely answer, given the Junos OS release dates and the EOL notice for the SRX210B.
SRX100b/H, SRX110H, SRX210B/H/BE/HE, SRX220H, SRX240B/H/B2 do not support 12.3X48 image. Last junos image supported on the above devices is 12.1X46-D65.
Juniper appears to show something different, but that is probably for the high-memory variants.
I am going to stick with the known working 12.1X46-D65.
Upgrading Junos OS
Prerequisites
Copy the release archive to a FAT-formatted USB storage device, in this instance junos-srxsme-12.1X46-D65.4-domestic.tgz.
MD5 : d52a7fd9531acbfeb74060dfc96b3325
SHA1 : 185931dcb605a909264f354cec12f3346fc4ba85
Steps
- Insert the USB storage device into the USB port.
- Log onto the console or SSH.
- Mount the storage device
root@% mount_msdosfs /dev/da1s1 /mnt
- switch to the cli
root@% cli
- Execute the upgrade procedure with the archive from the mount point and wait . . .
root> request system software add /mnt/junos-srxsme-12.1X46-D65.4-domestic.tgz
NOTICE: Validating configuration against junos-srxsme-12.1X46-D65.4-domestic.tgz.
NOTICE: Use the 'no-validate' option to skip this if desired.
Formatting alternate root (/dev/da0s1a)...
/dev/da0s1a: 297.9MB (610028 sectors) block size 16384, fragment size 2048
using 4 cylinder groups of 74.47MB, 4766 blks, 9600 inodes.
super-block backups (for fsck -b #) at:
32, 152544, 305056, 457568
saving package file in /var/sw/pkg ...
Checking compatibility with configuration
Initializing...
Verified manifest signed by PackageProduction_11_4_0
Verified junos-11.4R12.4-domestic signed by PackageProduction_11_4_0
Using junos-12.1X46-D65.4-domestic from /altroot/cf/packages/install-tmp/junos-12.1X46-D65.4-domestic
Copying package ...
Verified manifest signed by PackageProductionRSA_2016
Hardware Database regeneration succeeded
Validating against /config/juniper.conf.gz
Connectivity fault management process: rtslib: WARNING kernel has new unknown messages: expected 102 got 103,a reboot or software upgrade may be required
Connectivity fault management process:
Connectivity fault management process: rtslib: WARNING version mismatch for msg residx: expected 98 got 0,a reboot or software upgrade may be required
Connectivity fault management process:
Connectivity fault management process: rtslib: WARNING version mismatch for msg unknown: expected 98 got 0,a reboot or software upgrade may be required
Connectivity fault management process:
mgd: commit complete
Validation succeeded
rm: /cf/var/validate/chroot/mfs/var/etc/pam.conf: Operation not permitted
rm: /cf/var/validate/chroot/mfs/var/etc: Directory not empty
rm: /cf/var/validate/chroot/mfs/var: Directory not empty
rm: /cf/var/validate/chroot/mfs: Directory not empty
rm: /cf/var/validate/chroot: Directory not empty
Installing package '/altroot/cf/packages/install-tmp/junos-12.1X46-D65.4-domestic' ...
Verified junos-boot-srxsme-12.1X46-D65.4.tgz signed by PackageProductionRSA_2016
Verified junos-srxsme-12.1X46-D65.4-domestic signed by PackageProductionRSA_2016
JUNOS 12.1X46-D65.4 will become active at next reboot
WARNING: A reboot is required to load this software correctly
WARNING: Use the 'request system reboot' command
WARNING: when software installation is complete
Saving state for rollback ...
- On success exit the cli and umount the storage device
root> exit
root@% umount /mnt
- enter cli mode again and request reboot
root@% cli
root> request system reboot
warning: The configuration has been changed but not committed
Reboot the system ? [yes,no] (no) yes
- Log back in and show version and look for alarms
root@% cli
root> show version
Model: srx210b
JUNOS Software Release [12.1X46-D65.4]
root> show chassis alarms
No alarms currently active
Conclusion
The SRX210B device has now been successfully identified and factory reset, I have remote root access, and the Junos OS has been upgraded to a known good version. I have also shown there are no problems with the device at present.
The primary partition has now been changed to da0s1a. The upgrade process formatted this partition and promoted it for next startup. The original partition is still in place as backup now and I can revert to it. I will give it some time to ensure it is okay, then issue ‘request system snapshot slice alternate’ to bring the backup to the same version ‘12.1X46-D65.4’ as the primary.
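The dual-root checks from the partition repair and from the conclusion above, automated as an added example (not part of the original post): it parses captured ‘show system storage partitions’ and ‘show system snapshot media internal’ output and reports when the device booted from the backup slice or when the two root slices hold different Junos versions. The sample text is the post's own output, trimmed; the function names are hypothetical.

```python
import re

# Output copied from the post, trimmed to the lines the parsers use.
PARTITIONS = """\
Active Partition: da0s2a
Backup Partition: da0s1a
Currently booted from: active (da0s2a)
"""
SNAPSHOT = """\
Information for snapshot on internal (/dev/da0s1a) (backup)
JUNOS version on snapshot:
junos : 11.4R12.4-domestic
Information for snapshot on internal (/dev/da0s2a) (primary)
JUNOS version on snapshot:
junos : 11.4R12.4-domestic
"""

def parse_partitions(text):
    """Return the active/backup slices and the slice the device booted from."""
    keys = r"Active Partition|Backup Partition|Currently booted from"
    fields = dict(re.findall(rf"^\s*({keys}):\s*(.+?)\s*$", text, re.M))
    role, booted = re.match(r"(\w+)\s*\((\w+)\)",
                            fields["Currently booted from"]).groups()
    return {"active": fields["Active Partition"],
            "backup": fields["Backup Partition"],
            "booted_role": role, "booted_slice": booted}

def parse_snapshots(text):
    """Map each root slice (e.g. da0s1a) to a (role, Junos version) tuple."""
    block = re.compile(
        r"snapshot on \w+ \(/dev/(\w+)\) \((\w+)\).*?junos\s*:\s*(\S+)", re.S)
    return {dev: (role, ver) for dev, role, ver in block.findall(text)}

def audit(partitions_text, snapshot_text):
    """Return findings; an empty list means the dual-root state looks healthy."""
    part = parse_partitions(partitions_text)
    snaps = parse_snapshots(snapshot_text)
    findings = []
    if part["booted_role"] != "active" or part["booted_slice"] != part["active"]:
        findings.append(f"booted from {part['booted_role']} slice "
                        f"{part['booted_slice']}: primary root may be corrupt")
    versions = sorted({ver for _, ver in snaps.values()})
    if len(versions) > 1:
        findings.append("root slices hold different Junos versions "
                        f"({', '.join(versions)}): a fallback boot would change release")
    return findings

if __name__ == "__main__":
    print(audit(PARTITIONS, SNAPSHOT) or "dual-root state OK")
```

Run against the state described in the conclusion (primary on 12.1X46-D65.4, backup still on 11.4R12.4), the audit reports the version mismatch until the snapshot to the alternate slice has been taken.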