Upgrading Juniper SRX’ Firmware

This is going to be quick one. Upgrading the firmware of a Juniper SRX firewall. First thing first, enable the ftpd service on the SRX.

karlo@BFWSRX> edit
karlo@BFWSRX# set system services ftp
karlo@BFWSRX# commit

Once the ftpd has been enabled, we can ftp to SRX and upload the new firmware to /var/tmp/. I use OSX Yosemite and will be using CyberDuck app to upload the new firmware. Once you have uploaded the new firmware, SSH to your SRX and check the checksum of the firmware. Make sure that the fimware checksum you have uploaded matches the checksum stated on Juniper website.

karlo@BFWSRX> start shell
% cd /var/tmp
% md5 junos-srsxme-12.3X48-D10.3-domestic.tgz
MD5 (junos-srxsme-12.3X48-D10.3-domestic.tgz) = 3aa1e0779a98dcb6a617b1b3738d862b
% exit

Once you have verified that the checksum integrity is good, then go to SRX operational mode. Install the firmware as shown below, and remove the ftp from the config

karlo@BFWSRX> request system software add /var/tmp/junos-srsme-12.3X48-D10.3-domestic.tgz no-copy no-validate unlink
karlo@BFWSRX> edit
karlo@BFWSRX# delete system services ftp
karlo@BFWSRX# commit and-quit

Once the installation is complete, you would need to reload the SRX.

karlo@BFWSRX> request system reboot

After the reboot, verify the firmware version by using the command below.

karlo@BFWSRX# run show version 
Hostname: BFWSRX
Model: srx100h2
JUNOS Software Release [12.3X48-D10.3]

That is pretty much how to upgrade a single SRX’ firmware.

About networkshinobi

My name is Karlo, I work as a Network Engineer. A little about myself. I started as a PC gamer back when I was in high school. PC gaming became my addiction and pushed me to learn more about computers. Slowly got my some certifications and landed an IT Tier 1 Helpdesk job. This job opened the door for me to work to push further on my certifications and going deeper into the IT world. My goal was to get my Cisco CCIE Routing and Switching, but my journey for CCIE has changed due to I always ended up working on non-Cisco network appliances. Therefore, I have to pivot and decided to jump to the dark side and go with Juniper. Hopefully, I would get my JNCIE in the near future. All the entries/post I made are based on my views, opinion and for educational purposes only. If you see some mistakes, feel free to drop some comments. I would appreciate all the helpful comments. Thanks
This entry was posted in Juniper, Misc. and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s