Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

header-navigation

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries
Campus and Branch

Welcome to the NOW Way to Wi-Fi

Take your networking performance to new heights with a modern, cloud-native, AI-Native architecture. Only Juniper can help you unleash the full potential of Wi-Fi 7 with our AI-Native platform for innovation.
Prepare for liftoff
Business intelligence analyst dashboard on virtual screen. Big data Graphs Charts.

AI Data Center Networking

Juniper’s AI data center solution is a quick way to deploy high performing AI training and inference networks that are the most flexible to design and easiest to manage with limited IT resources.
Find out more
Enterprise AI-Native Networking

Enterprise AI‑Native Routing

Juniper's Ai-Native routing solution delivers robust 400GbE and 800GbE capabilities for unmatched performance, reliability, and sustainability at scale.
Explore enterprise routing
Zero trust security

Ops4AI Lab

Visit our lab in Sunnyvale, CA and see our AI data center solution for yourself. You can try out your own model’s functionality and performance, too.
Visit the lab
Enterprise AI-Native Networking

Enterprise AI‑Native Routing

Juniper's Ai-Native routing solution delivers robust 400GbE and 800GbE capabilities for unmatched performance, reliability, and sustainability at scale.
Explore enterprise routing
Higher Education

Shaping Student Experiences: The NOW Way to Build Higher Education Networks

Join Juniper Networks CIO Sharon Mandell and a virtual summit of C-level IT leaders from prestigious institutions as they discuss ongoing efforts to support digital transformation.
Register to attend
Hand on tablet with healthcare overlay of graphics

Security in healthcare

In this IDC Spotlight report, discover how AI networking can automate and strengthen a healthcare ecosystem to defeat criminals and prevent loss. 
Gain insights into ecosystem security
Retail

The Future of In-Store Technologies

Join us for an enlightening webinar with Kevin McCartan, Senior IT Service Delivery Engineer at Musgrave; retail guru Jack Stratten of Insider Trends; and Christian Gilby, Director of Product Marketing at Juniper Networks, as they discuss the future of in-store technologies.
Reserve my spot

Products

Wireless access Wired access SD-WAN / SASE Routing and switching Security Mist AI™ Management software Network operating system Blueprint for AI-Native Acceleration Optics
  • Operations
ACX7020 router

Juniper ACX7020 Cloud Metro Access Router

Legacy networks simply cannot meet the demands of today’s rapidly evolving metro landscape. Unlock a new generation of highly scalable architectures and automated operations with the Juniper ACX7020. 
Learn more
EX4000 Ethernet Switch

Next-gen AI-Native EX4000 line of switches

Lack of AI innovation from your current networking vendor slowing you down? Embrace Juniper’s cloud-native, AI-Native access switches that support every level and layer, across nearly every deployment.
Discover how
The Q and AI text with an image of Bob Friday and Kedar Dhuru.

The Q&AI Podcast

Delivering practical solutions and enriching discussions, this podcast series is a vital resource for those seeking an in-depth exploration of AI's transformative potential.
Catch the latest episode

Services

Services
Services AI Care

Juniper AI Care Services Revolutionize Your Service Experience

Our industry-first AI-Native services couple AIOps with our deep expertise across the full network life cycle. You can move from reactive response to proactive insight and action.
Explore AI Care Services
Services AI Data Center

Juniper AI Data Center Deployment Services Optimize Your AI Model Runs

We use our expertise and validated designs to help design, deploy, validate and tune networks, including GPUs and storage, to get the most from your AI infrastructure operation.
Learn about AI Data Center Deployment Services

Partners

Partners

Support and Documentation

Support and Documentation

Learn

About Juniper Training Events The Feed Resources Technology learning topics Thought leadership and insights
Audience raising hands up while businessman is speaking in training at the office.

Juniper certification and training news

See the latest
Ringing of the bell

All global events

See the latest
AI-native-now

AI-Native NOW event series

Register now
Juniper's Christina Hendrix at the head of a conference table. With the text "The NOW Way to Network" overlayed, with "NOW" emphasizing the "O" in green color.

The NOW Way to Network

Watch the video series
AI Native Now

Executive insights

Dive deep with leading experts and thought leaders on all the topics that matter most to your business, from AI to network security to driving rapid, relevant transformation for your business.
Learn more
A keynote speaker giving a presentation at a conference. There are dozens of people sitting around them. The presentation is displayed via projector on all the walls in the room.

Leadership voices

Juniper Networks’ leaders operate on the front lines of creating the network of the future. Take a look around to see what’s on their minds.
Watch now
Bob Friday and Jessica Garrison speaking

Bob Friday Talks

Join Bob as he ventures into all the knowns -- and -- unknowns -- of AI.
Catch the latest episode
Documentation
Menu
License Guide
Quick Starts
Validated Designs
Home Documentation EX4400 EX4400 Switch Hardware Guide Installation and Configuration

EX4400 Switch Hardware Guide

keyboard_arrow_up
close
keyboard_arrow_left
EX4400 Switch Hardware Guide
Table of Contents Expand all
list Table of Contents
file_download PDF
{ "lLangCode": "en", "lName": "English", "lCountryCode": "us", "transcode": "en_US" }
English
ON THIS PAGE
keyboard_arrow_right

Configure Junos OS on the EX4400

date_range 05-Nov-24
arrow_backward
arrow_forward

Connect and Configure an EX4400 Switch by Using the CLI

There are two ways to connect and configure an EX4400 switch: one method is through the console by using the CLI and the other is by using the J-Web interface.

Starting in Junos OS Release 22.3R1, J-Web supports EX4400 switches.

This topic describes the CLI procedure.

Before you connect and configure an EX4400, set the following parameter values on the console server or PC:

  • Baud Rate—9600

  • Data—8

  • Flow Control—None

  • Parity—None

  • Stop Bits—1

  • DCD State—Disregard

Ensure that you have the following parts and tools available:

  • An Ethernet cable with an RJ-45 connector attached—not provided

  • An RJ-45 to DB-9 serial port adapter—not provided

  • A laptop or PC, with a serial port—not provided

Have the following information available before you configure custom settings for the switch:

  • Root password

  • IP address of the default gateway

  • IP address of the management port

  • IP address of a DNS server

  • (Optional) Hostname

  • (Optional) IP address of a backup router

  • (Optional) SNMP read community, location, and contact to configure SNMP parameters

  • (Optional) Static routes to remote subnets with access to the management port

  • (Optional) Static routes to remote prefixes with access to the management port

We ship the EX4400 switch with Junos OS preinstalled and ready to be configured when the switch is powered on. You must perform the initial configuration of the EX4400 through the console port (labeled CON) on the rear panel of the switch by using the command-line interface (CLI).

This procedure describes how to perform the initial configuration on the switch and to connect it to the network. For the complete information about enabling the switch to forward traffic, including examples, see the Junos OS configuration guides.

To perform the initial configuration on the switch and to connect it to the network:

  1. Power on the switch.
  2. Connect the console port (labeled CON) to a management host such as a laptop or PC by using an RJ-45 to DB-9 serial port adapter. On EX4400 switch models except EX4400-24X, the console port is on the rear panel. On the EX4400-24X model, the console port is on the front panel.
    Note:

    We no longer include the RJ-45 console cable with the DB-9 adapter as part of the device package. If the console cable and adapter are not included in your device package, or if you need a different type of adapter, you can order the following separately:

    • RJ-45 to DB-9 adapter (JNP-CBL-RJ45-DB9)

    • RJ-45 to USB-A adapter (JNP-CBL-RJ45-USBA)

    • RJ-45 to USB-C adapter (JNP-CBL-RJ45-USBC)

    If you want to use RJ-45 to USB-A or RJ-45 to USB-C adapter you must have X64 (64-Bit) Virtual COM port (VCP) driver installed on your PC. See, https://ftdichip.com/drivers/vcp-drivers/ to download the driver.

  3. At the Junos OS login prompt, type root to log in. You don't need to enter a password. If the software boots before you connect to the console port, you might need to press the Enter key for the prompt to appear.
    content_copy zoom_out_map
    login: root
  4. Start the CLI.
    content_copy zoom_out_map
    root@:RE:0% cli
root>
  5. Enter configuration mode.
    content_copy zoom_out_map
    root> configure
[edit]
root#
  6. Add a password to the root administration user account. Enter a plain-text password, an encrypted password, or an SSH public key string.
    content_copy zoom_out_map
    [edit]
root# set system root-authentication plain-text-password
New password: password
Retype new password: password

    or

    content_copy zoom_out_map
    [edit]
root# set system root-authentication encrypted-password encrypted-password

    or

    content_copy zoom_out_map
    [edit]
root# set system root-authentication ssh-ecdsa public-key

    or

    content_copy zoom_out_map
    [edit]
root# set system root-authentication ssh-ed25519 public-key

    or

    content_copy zoom_out_map
    [edit]
root# set system root-authentication ssh-rsa public-key
  7. (Optional) Configure the hostname of the switch. If the name includes spaces, enclose the name in double quotation marks (“ ”).
    content_copy zoom_out_map
    [edit]
root# set system host-name host-name
  8. (Optional) Create a user account.
    content_copy zoom_out_map
    [edit]
root# set system login user user-name authentication plain-text-password
New password: password
Retype new password: password
  9. (Optional) Set the user account class to super-user.
    content_copy zoom_out_map
    [edit]
root# set system login user user-name class super-user
  10. (Optional) Configure the domain name of the switch.
    content_copy zoom_out_map
    [edit]
root# set system domain-name domain-name
  11. Configure the default gateway.
    content_copy zoom_out_map
    [edit]
root# set routing-options static route 0/0 next-hop address
  12. Configure the IP address and prefix length for the management interface on the switch.
    content_copy zoom_out_map
    [edit]
root# set interfaces me0 unit 0 family inet address address/prefix-length
    Note:

    The management port me0 (labeled MGMT) is located on the rear panel of the switch.

  13. (Optional) Configure the IP address of a backup router, which is used only while the routing protocol is not running.
    content_copy zoom_out_map
    [edit]
root# set system backup-router address
  14. Configure the IP address of a DNS server.
    content_copy zoom_out_map
    [edit]
root# set system name-server address
  15. (Optional) Configure the static routes to remote subnets with access to the management port. Access to the management port is limited to the local subnet.
    content_copy zoom_out_map
    [edit]
root# set routing-options static route remote-subnet next-hop destination-IP retain no-readvertise
  16. (Optional) Configure the static routes to remote prefixes with access to the management port.
    content_copy zoom_out_map
    [edit]
root# set routing-options static route remote-prefix next-hop destination-IP retain no-readvertise
  17. Configure the SSH service.
    content_copy zoom_out_map
    [edit]
root# set system services ssh root-login allow
  18. Configure in-band management or out-of-band management:

    • With in-band management, you can configure a network port interface as the management interface and connect it to the management device. In this scenario, you can do either of the following:

      • Use the automatically created VLAN named default for management of all data interfaces as members of the default VLAN. Specify the management IP address and the default gateway.

      • Create a new management VLAN. Specify the VLAN name, VLAN ID, management IP address, and default gateway. Select the ports that must be part of this VLAN.

    • With out-of-band management, you use a dedicated management channel to connect to the management device. Specify the IP address and gateway of the management interface. Use this IP address to connect to the switch.

  19. (Optional) Specify the SNMP read community, location, and contact to configure SNMP parameters.
  20. (Optional) Specify the system date and time. Select the time zone from the list. The configured parameters are displayed.
  21. Enter yes to commit the configuration. The configuration is committed as the active configuration for the switch.
  22. (Optional) Display the configuration to verify that it is correct.
  23. (Optional) Configure additional properties by adding the necessary configuration statements.
  24. Commit the configuration to activate it on the switch.
    content_copy zoom_out_map
    [edit]
root# commit
  25. When you have finished configuring the switch, exit configuration mode.
    content_copy zoom_out_map
    [edit]
root@switch# exit
root@switch>

You can now log in by using the CLI and continue configuring the switch.

To connect and configure an EX4400 switch by using the J-Web interface, see Connecting and Configuring an EX Series Switch (J-Web Procedure).

EX4400 Default Configuration

Each EX Series switch is programmed with a factory-default configuration that contains the values set for each configuration parameter when the switch is shipped. The default configuration file sets values for system parameters such as syslog and commit, configures Ethernet switching on all interfaces, enables IGMP snooping, and enables the LLDP and RSTP protocols.

Note:

  • The factory-default configuration file has more interfaces for models that have more ports.

  • The poe statement appears only in models with ports that support PoE-bt.

When you commit changes to the configuration, a new configuration file is created, which becomes the active configuration. You can always revert to the factory-default configuration. See Revert to the Factory-Default Configuration for the EX Series Switch.

The following is the factory-default configuration file for an EX4400-24P switch with 24 ports that support PoE-bt. The factory-default configuration file for the other EX4400 models is similar.

content_copy zoom_out_map
system {
    commit {
        factory-settings {
            reset-chassis-lcd-menu;
            reset-virtual-chassis-configuration;
        }
    }
services {
        ssh;
        netconf {
            ssh;
            rfc-compliant;
            yang-compliant;
        }
    }
    auto-snapshot;
    syslog {
        file interactive-commands {
            interactive-commands any;
        }
        file messages {
            any notice;
            authorization info;
        }
    }
    phone-home {
        server https://redirect.juniper.net;
        rfc-compliant;
    }
    ## Warning: missing mandatory statement(s): 'root-authentication'
}
chassis {
    redundancy {
        graceful-switchover;
    }
}
interfaces {
    ge-0/0/0 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/1 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/2 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/3 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/4 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/5 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/6 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/7 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/8 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/9 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/10 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/11 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/12 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/13 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/14 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/15 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/16 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/17 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/18 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/19 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/20 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/21 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/22 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    ge-0/0/23 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    et-0/2/0 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    xe-0/2/0 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    et-0/2/1 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    xe-0/2/1 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    et-0/2/2 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    xe-0/2/2 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    et-0/2/3 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    xe-0/2/3 {
        unit 0 {
            family ethernet-switching {
                storm-control default;
            }
        }
    }
    irb {
        unit 0 {
            family inet {
                dhcp;
            }
        }
    }
    vme {
        unit 0 {
            family inet {
                dhcp;
            }
        }
    }
}
forwarding-options {
    storm-control-profiles default {
        all;
    }
}
protocols {
    lldp {
        interface all;
    }
    lldp-med {
        interface all;
    }
    igmp-snooping {
        vlan default;
    }
    rstp {
        interface all;
    }
}
poe {
    interface all;
}
vlans {
    default {
        vlan-id 1;
        l3-interface irb.0;
    }
}

Revert an EX4400 Switch to the Factory-Default Configuration

If the current active configuration on your switch fails, you can revert to the factory-default configuration. You can also roll back to a previous configuration, as described in Rolling Back Junos OS Configuration Changes.

Tip:

If you have lost the root password, it is not necessary to revert to the factory-default configuration to reset it. See Recovering the Root Password on Switches.

The factory-default configuration contains the basic configuration settings for the switch. This is the first configuration of the switch and it is loaded when the switch is first powered on. For the factory-default configuration file for your switch, see the hardware documentation for your switch.

Note:

To revert a member switch of a Virtual Chassis to the factory-default configuration, disconnect the cables connected to the VCPs to avoid affecting Virtual Chassis configuration parameters (member ID, primary-role priority, and setting of VCP uplinks) on other members (see Disconnect a Fiber-Optic Cable).

You can revert to the factory-default configuration by using the request system zeroize operational command or the load factory-default configuration command. You can also use the load factory-default command to revert to the factory-default configuration file that contains all default settings except the root password setting, which is retained.

We describe these procedures in the following sections:

Note:

After resetting the factory default configuration either through the CLI or Factory Reset/Port mode button, the previous host name of the device is not reset. The host name can only be changed by configuring a new hostname or rebooting the device.

Revert to the Factory-Default Configuration by Using the request system zeroize Command

The request system zeroize command is a standard Junos OS operational mode command that removes all configuration information and resets all key values. The operation unlinks all user-created data files, including customized configuration and log files, from their directories. The switch then reboots and reverts to the factory-default configuration.

To completely erase user-created data so that it is unrecoverable, use the request system zeroize media command.

CAUTION:

Before issuing request system zeroize, use the request system snapshot command to back up the files currently used to run the switch to a secondary device.

  1. To revert to the factory-default configuration by using the request system zeroize command:
    content_copy zoom_out_map
    user@switch> request system zeroize warning: System will be rebooted and may not boot without configurationErase all data, including configuration and log files? [yes,no]
(yes)
  2. Type yes to remove configuration and log files and revert to the factory-default configuration.
    Note:

    The auto-image-upgrade statement is added at the [edit chassis] hierarchy level when you use this procedure. Thus, the automatic image upgrade feature is made available on the switch.

Revert to the Factory-Default Configuration by Using the load factory-default Command

The load factory-default command is a standard Junos OS configuration command that replaces the current active configuration with the factory-default configuration (except the root password setting, which by default is not set but which you must set in order to commit the new configuration in this procedure).

If you want to run the EZsetup script to complete the initial configuration of the switch after you revert to the factory-default configuration, do not use the load factory-default command. Instead, do the reversion by using the request system zeroize command. If you use the load factory-default command to revert to the factory-default configuration, the configuration for the root password is retained and the EZsetup script will not run.

To revert to the factory-default configuration by using the load factory-default command:

Note:

If you use this procedure, you must delete the system commit factory settings, set the root password, and commit the configuration. These steps are not required when you revert to the factory-default configuration by using request system zeroize. Also, the auto-image-upgrade statement is not added to the configuration when you use this procedure; it is added to the configuration when you use request system zeroize.

  1. [edit]user@switch# load factory-default

  2. [edit]user@switch# delete system commit factory-settings

  3. [edit]user@switch# set system root-authentication plain-text-password

  4. [edit]user@switch# commit

  5. Check the member ID and primary-role priority with the show virtual-chassis command and check to see whether there are remaining settings for uplink VCPs by using the show virtual-chassis vc-port command.

Revert to the Factory-Default Configuration by Using the Factory Reset/Mode Button

To revert to the factory-default configuration by using the factory reset/mode button:

  1. Press the factory reset/mode button on the far right side of the front panel for 10 seconds. The switch transitions into factory-default configuration, the console displays committing factory default configuration, and the Link/Activity LED on the network ports and the QSFP28 ports is lit steadily green.
  2. Commit the configuration by using the CLI.
  3. Press the factory reset/mode button for 10 more seconds. The switch transitions into initial setup mode.

    EZSetup configures DHCP and enables the J-Web user interface on the switch. You can use EZSetup only on a standalone switch that is in the factory default configuration. For information about EZSetup, see Connecting and Configuring an EX Series Switch (J-Web Procedure).

The Factory Reset/Mode button is enabled by default. You can disable the button using the CLI.

To disable the Factory Reset/Mode button, run the following commands:

  1. [edit] user@switch# set chassis config-button no-clear

  2. [edit] user@switch# commit

To enable the Factory Reset/Mode button, run the following commands:

  1. [edit] user@switch# delete chassis config-button no-clear

  2. [edit] user@switch# commit

arrow_backward PREVIOUS Connect the EX4400 to the Network
NEXT arrow_forward Maintain the EX4400 Cooling System
footer-navigation

© 1999 - 2025 Juniper Networks, Inc. All rights reserved.

Scroll to top