In remote management, upstream or downstream interfaces of a network device are configured to accept the console connection such Telnet or SSH. The management traffic flows along with other transiting data traffic thru same interface.
There may be instances where due to some connectivity issues, we are unable to remotely login into the secondary node of an network device in cluster. In such situation we have to obtain Out-Of-Band connection to device thru:
With Juniper SRX firewall, in the absence of a console connection to the secondary, it is still possible to log into the secondary node from the primary node and run CLI commands without having to dispatch a technician to the site.
Please note enter the complete command
On the branch SRX devices, this can be achieved by the command:
{primary:node0}
lab@host-At> request routing-engine login node 1
--- JUNOS 10.1R3.7 built 2010-011-10 04:15:10 UTC
{secondary:node1}
lab@host-B>
On the high-end SRX devices, you will need to be in the shell and run the following command:
root@host-A% rlogin -T node1
--- JUNOS 10.1R3.7 built 2010-011-10 04:15:10 UTC
{secondary:node1}
lab@host-B%
Please Note:
1. Remember that these command is hidden in Junos 11.4. I don't know whether intentionally. so try to type it whole every letter without using tab, use just space.
2. You need to be in SHELL prompt for high end device.
3. the OS version also impact.
request routing-engine login node <0|1> !! Branch SRX devices (Pre-11.4R1.6).
rlogin -Jk -T <node0|node1> !! High-end and Branch SRX devices (11.4R1.6+ for Branch models) from the shell
There may be instances where due to some connectivity issues, we are unable to remotely login into the secondary node of an network device in cluster. In such situation we have to obtain Out-Of-Band connection to device thru:
- KVM or Dial in port, which are only available at datacenters or a major location having significant network equipment's but not readily available at remote or branch location due to feasibility and cost involved.
- The ultimate and traditional method is to engage local site service person (having at least basic technical skills which is rarest phenomenon), console cable and laptop with internet connections. This option is highly time consuming and frustrating during emergency situations.
With Juniper SRX firewall, in the absence of a console connection to the secondary, it is still possible to log into the secondary node from the primary node and run CLI commands without having to dispatch a technician to the site.
Please note enter the complete command
On the branch SRX devices, this can be achieved by the command:
{primary:node0}
lab@host-At> request routing-engine login node 1
--- JUNOS 10.1R3.7 built 2010-011-10 04:15:10 UTC
{secondary:node1}
lab@host-B>
On the high-end SRX devices, you will need to be in the shell and run the following command:
root@host-A% rlogin -T node1
--- JUNOS 10.1R3.7 built 2010-011-10 04:15:10 UTC
{secondary:node1}
lab@host-B%
Please Note:
1. Remember that these command is hidden in Junos 11.4. I don't know whether intentionally. so try to type it whole every letter without using tab, use just space.
2. You need to be in SHELL prompt for high end device.
3. the OS version also impact.
request routing-engine login node <0|1> !! Branch SRX devices (Pre-11.4R1.6).
rlogin -Jk -T <node0|node1> !! High-end and Branch SRX devices (11.4R1.6+ for Branch models) from the shell
Comments
Post a Comment