Troubleshooting the SRX320
Troubleshooting Resources for the SRX320 Firewall Overview
To troubleshoot a services gateway, you use the Junos OS command-line interface (CLI) and LEDs on the components:
LEDs—When the services gateway detects an alarm condition, the alarm LED on the interfaces glows red or yellow.
CLI—The CLI is the primary tool for controlling and troubleshooting hardware, Junos OS, and network connectivity. Use the CLI to display more information about alarms. CLI commands display information about network connectivity derived from the ping and traceroute utilities. For information about using the CLI to troubleshoot Junos OS, see the appropriate Junos OS configuration guide.
JTAC—If you need assistance during troubleshooting, you can contact the Juniper Networks Technical Assistance Center (JTAC) by using the Web or by telephone. If you encounter software problems, or problems with hardware components not discussed here, contact JTAC.
Troubleshooting Chassis and Interface Alarm Messages on the SRX320 Firewall
When the services gateway detects an alarm condition,
the alarm LED on the front panel turns red or amber as appropriate.
To view a more detailed description of the alarm cause, issue the show chassis alarms
CLI command.
Table 1 describes alarms that can occur for an SRX320 Firewall chassis component.
Component |
Alarm Conditions |
Action |
Alarm Severity |
---|---|---|---|
Boot media |
The services gateway boots from an alternate boot device. |
|
Amber (minor) |
Hardware components on the services gateway |
The services gateway chassis temperature or chassis is too warm |
Check the room temperature. See SRX320 Services Gateway Environmental Specifications. |
Amber (minor) |
The services gateway temperature is too high, either because of an internal overheating condition or because the maximum recommended room temperature has been exceeded. |
The services gateway shuts down automatically in 4 minutes. |
Red (major) |
|
Mini-PIM |
A Mini-PIM has failed. |
|
Red (major) |
Troubleshooting the Power System on the SRX320 Firewall
The LEDs on the services gateway enable you to determine the performance and operation. The PWR LED, located on the front panel of the services gateway, indicates the different settings with respect to the power system.
Table 2 describes different PWR LED status settings and their corrective actions.
LED Status |
Meaning |
Possible Cause and Corrective Action |
---|---|---|
Green |
Device is receiving power. |
Normal indication. No action is required. |
Amber |
Indicates that the power button has been pressed and quickly released. |
Normal indication. No action is required. |
Off |
Indicates that the device is not receiving power. |
|
Using the RESET CONFIG Button
If a configuration fails or denies management access to the services gateway, you can use the RESET CONFIG button to restore the device to the factory-default configuration or a rescue configuration. For example, if someone inadvertently commits a configuration that denies management access to a services gateway, you can delete the invalid configuration and replace it with a rescue configuration by pressing the RESET CONFIG button.
The RESET CONFIG button is recessed to prevent it from being pressed accidentally.
The rescue configuration is a previously committed, valid configuration. You must have previously set the rescue configuration through the J-Web interface or the CLI. To press the RESET CONFIG button, insert a small probe (such as a straightened paper clip) into the pinhole on the front panel.
By default, pressing and quickly releasing the RESET CONFIG button loads and commits the rescue configuration through the J-Web interface or the CLI. The Status LED is solid amber during this time.
By default, pressing and holding the RESET CONFIG button for 15 seconds or more—until the Status LED is solid amber — deletes all configurations on the device, including the backup configurations and rescue configuration, and loads and commits the factory configuration.
Resetting the configuration does not trigger a reboot automatically. Thus, configuration changes that require a reboot, such as Ethernet switching configurations, do not take effect after you reset the configuration. As a result, connectivity to the device might be lost. For the configuration to take effect, power off and power on the device after resetting the configuration.
Changing the RESET CONFIG Button Behavior
You can change the default operation of the RESET CONFIG button by limiting how the button resets the services gateway:
To prevent the RESET CONFIG button from setting the device to the factory-default configuration and deleting all other configurations:
admin@host# set chassis config-button no-clear
You can still press and quickly release the button to reset it to the rescue configuration.
To prevent the RESET CONFIG button from setting the device to the rescue configuration:
admin@host# set chassis config-button no-rescue
You can still press and hold the button for 15 seconds or more to reset the gateway to the factory-default configuration.
To disable the button and prevent the device from resetting to either the factory-default or rescue configuration:
admin@host# set chassis config-button no-clear no-rescue
The no-clear
option prevents
the RESET CONFIG button from deleting all configurations on the services gateway.
The no-rescue
option prevents
the RESET CONFIG button from loading the rescue configuration.
To return the function of the RESET CONFIG button to its default
behavior, remove the config-button
statement from the device configuration.