Activating a CPE Device

You can activate SRX300 Services Gateway and NFX250 Network Services Platform devices in the following ways:

• By connecting a computer to the LAN port of the device and entering the activation code through your browser

• By specifying the activation code in Customer Portal

You can activate a vSRX Services Gateway device by copying the configuration available in Customer Portal and pasting the configuration into the SRX Series device console. To copy the configuration in Customer Portal, click Sites > Stage-1 Config.

1. Connect a computer to the LAN port of the CPE device and power on the device.

   Refer to the documentation for the CPE device for more information.

2. Open a Web browser in your computer.

   Because the CPE device is preconfigured with a management address, the browser displays the login page.

3. Enter the activation code that you have received during the shipping process.
4. Click OK.

   On successful authentication, the Phone-Home server pushes the initial configuration to the CPE device.

1. Log in to Customer Portal.
2. Click the Sites page in Customer Portal.

   After you use Customer Portal to add a site that uses a CPE device, the CPE device icon on the Sites page is gray if the device is inactive. When you hover over the CPE device icon on the Monitor page, you should see the message Device Status: Expected, which indicates that the device is ready to be activated. If you see the message Device Status: Undefined, contact your service provider for assistance.

3. On the Device Status column, click Activate Device.

   The Activate Device page appears. The Activate Device page consists of Device Information and Device Activation.

4. On Device Information page, view the site details, device details, and recipient details, and specify the activation code. For more information see, Table 1.
5. Click Next.

   On Device Activation page, the device is activated through the following steps:

   • Detecting the device

   • Applying stage-one configuration to the device

   • Bootstrapping of device

   • Activating the device

   After each successful step, you can see a green check mark. If any of these steps fail, a red exclamation mark appears.

6. After the activation process is complete, click OK.

   The Sites page appears. To see the device activation status, hover over the device icon on the Sites page. You see one of the following statuses:

   • EXPECTED—Device is ready for activation.

   • ACTIVE—Device is authenticated but not yet operational.

   • ACTIVATION_FAILED—Device is not authenticated.

   • GWR_SPAWNED—Device gateway component spawning is successful.

   • GWR_SPAWN_FAILED—Device gateway component spawning fails.

   • PROVISIONED—Device is operational.

   • PROVISION_FAILED—Device failed to become operational. Contact your service provider for assistance.

   Note

   When a device is provisioned successfully, a job to install the default trusted certificates, which are packaged with Junos OS, on the device is triggered. You can view the details of the job (of type default trustedcertificate) on the Jobs page (Monitor > Jobs).

   We recommend that you check the job status to verify that the default trusted certificates were successfully installed. If, however, the job failed and if you want to use the SSL proxy feature, manually install the trusted certificates on the device by using the following procedure:

   1. Log in to the device and access the Junos OS CLI (operational mode).
   2. Execute the request security pki ca-certificate ca-profile-group load ca-group-name DEFAULT_CSO filename default command.

      The installation takes between 2–5 minutes to complete, so wait until it is done.

   3. Exit the Junos OS CLI and log out of the device.