Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Troubleshooting the SRX320

Troubleshooting Resources for the SRX320 Firewall Overview

To troubleshoot a services gateway, you use the Junos OS command-line interface (CLI) and LEDs on the components:

  • LEDs—When the services gateway detects an alarm condition, the alarm LED on the interfaces glows red or yellow.

  • CLI—The CLI is the primary tool for controlling and troubleshooting hardware, Junos OS, and network connectivity. Use the CLI to display more information about alarms. CLI commands display information about network connectivity derived from the ping and traceroute utilities. For information about using the CLI to troubleshoot Junos OS, see the appropriate Junos OS configuration guide.

  • JTAC—If you need assistance during troubleshooting, you can contact the Juniper Networks Technical Assistance Center (JTAC) by using the Web or by telephone. If you encounter software problems, or problems with hardware components not discussed here, contact JTAC.

Troubleshooting Chassis and Interface Alarm Messages on the SRX320 Firewall

When the services gateway detects an alarm condition, the alarm LED on the front panel turns red or amber as appropriate. To view a more detailed description of the alarm cause, issue the show chassis alarms CLI command.

Table 1 describes alarms that can occur for an SRX320 Firewall chassis component.

Table 1: SRX320 Firewall Chassis Alarm Conditions and Corrective Actions

Component

Alarm Conditions

Action

Alarm Severity

Boot media

The services gateway boots from an alternate boot device.

Amber (minor)

Hardware components on the services gateway

The services gateway chassis temperature or chassis is too warm

Check the room temperature. See SRX320 Services Gateway Environmental Specifications.

Amber (minor)

The services gateway temperature is too high, either because of an internal overheating condition or because the maximum recommended room temperature has been exceeded.

The services gateway shuts down automatically in 4 minutes.

Red (major)

Mini-PIM

A Mini-PIM has failed.

Red (major)

Troubleshooting the Power System on the SRX320 Firewall

The LEDs on the services gateway enable you to determine the performance and operation. The PWR LED, located on the front panel of the services gateway, indicates the different settings with respect to the power system.

Table 2 describes different PWR LED status settings and their corrective actions.

Table 2: SRX320 Firewall Power LED Status

LED Status

Meaning

Possible Cause and Corrective Action

Green

Device is receiving power.

Normal indication. No action is required.

Amber

Indicates that the power button has been pressed and quickly released.

Normal indication. No action is required.

Off

Indicates that the device is not receiving power.

  • Verify that the AC power cord from the power source to the device is not damaged. If the insulation is cracked or broken, immediately replace the cord or cable.

  • Ensure that the socket you plug in is in working condition.

  • Ensure the device has an AC input voltage between 100 and 240 VAC.

  • If you cannot determine the cause of the problem or need additional assistance, contact JTAC.

Using the RESET CONFIG Button

If a configuration fails or denies management access to the services gateway, you can use the RESET CONFIG button to restore the device to the factory-default configuration or a rescue configuration. For example, if someone inadvertently commits a configuration that denies management access to a services gateway, you can delete the invalid configuration and replace it with a rescue configuration by pressing the RESET CONFIG button.

Note:

The RESET CONFIG button is recessed to prevent it from being pressed accidentally.

The rescue configuration is a previously committed, valid configuration. You must have previously set the rescue configuration through the J-Web interface or the CLI. To press the RESET CONFIG button, insert a small probe (such as a straightened paper clip) into the pinhole on the front panel.

  • By default, pressing and quickly releasing the RESET CONFIG button loads and commits the rescue configuration through the J-Web interface or the CLI. The Status LED is solid amber during this time.

  • By default, pressing and holding the RESET CONFIG button for 15 seconds or more—until the Status LED is solid amber — deletes all configurations on the device, including the backup configurations and rescue configuration, and loads and commits the factory configuration.

Note:

Resetting the configuration does not trigger a reboot automatically. Thus, configuration changes that require a reboot, such as Ethernet switching configurations, do not take effect after you reset the configuration. As a result, connectivity to the device might be lost. For the configuration to take effect, power off and power on the device after resetting the configuration.

Changing the RESET CONFIG Button Behavior

You can change the default operation of the RESET CONFIG button by limiting how the button resets the services gateway:

  • To prevent the RESET CONFIG button from setting the device to the factory-default configuration and deleting all other configurations:

    admin@host# set chassis config-button no-clear

    You can still press and quickly release the button to reset it to the rescue configuration.

  • To prevent the RESET CONFIG button from setting the device to the rescue configuration:

    admin@host# set chassis config-button no-rescue

    You can still press and hold the button for 15 seconds or more to reset the gateway to the factory-default configuration.

  • To disable the button and prevent the device from resetting to either the factory-default or rescue configuration:

    admin@host# set chassis config-button no-clear no-rescue

The no-clear option prevents the RESET CONFIG button from deleting all configurations on the services gateway. The no-rescue option prevents the RESET CONFIG button from loading the rescue configuration.

To return the function of the RESET CONFIG button to its default behavior, remove the config-button statement from the device configuration.