Installing Software When a Firewall Exists
When a firewall separates the router from the network host, you must use FTP to transfer the software release files from the network host to the router. In this case, you must configure the FTP server on the router and ensure that FTP client software is installed on the network host.
For this network configuration, you must install the software from the normal operational mode of the command-line interface (CLI). You can access the CLI through either the local console or a Telnet session. If you have not yet configured the router to support Telnet, then you must use the local console.
To install the software, perform the following tasks. (See Table 13.)
Task 1: Obtain the Required Information
Before you install the software, obtain the following information:
- The password (if one is configured) that enables you to access Privileged Exec mode on the router
- The IP address of the network host
- The IP address of the router
- The IP address of the next hop to reach the destination network (for example, a gateway)
- The login name and password for the vty line
- The procedure for copying the release files to the network host
Task 2: Divert Network Traffic to Another Router
The system will be unavailable during the installation process.
Task 3: Access Privileged Exec Mode
To access this mode via the CLI:
Task 4: Configure IP on an Interface
Typically, you configure IP on the Fast Ethernet interface of the SRP module. To configure IP on an interface:
- Determine the slot number of the module.
- Determine the port number of the module.
- Determine whether the interface already has an IP address.
host1#show version
host1#show ip interface fastEthernet 6/0
host1#show ip interface fastEthernet 6/0/0
NOTE: If an IP interface is not configured, an Invalid interface message appears.
If the interface already has an IP address, go to Step 5. Otherwise, proceed with Step 4.
host1#configure
Configuring from terminal or file [terminal]?
Enter configuration commands, one per line. End with CNTL/Z.
host1(config)#interface fastEthernet 6/0
host1(config-if)#ip address ipAddress [ mask ]
host1#configure
Configuring from terminal or file [terminal]?
Enter configuration commands, one per line. End with CNTL/Z.
host1(config)#interface fastEthernet 6/0/0
host1(config-if)#ip address ipAddress [ mask ]
Task 5: Copy the Release Files to the Network Host
If you downloaded the software from the Juniper Networks Web site as a .zip file, uncompress the files to a directory, and copy the release files to the network host.
If you are accessing the release files from one of the software CDs, you must mount the CD. The way you mount the release files on the network host depends on the type of computer you use, the operating system, and the network configuration. To find out how to mount the release files on the network host, review the manual for the operating system, or contact your network administrator.
Task 6: Configure Access to the Network Host
To configure access to the network host:
- Use the ping command to determine whether the router can reach the network host.
host1#ping hostname
If the router can reach the network host, go to the next section. Otherwise, go to Step 2.
If the appropriate route is displayed, go to Step 5. Otherwise, proceed with Step 3.
- Configure a route to reach the network host.
- Press Ctrl+z to return to Privileged Exec mode.
- Determine whether the router has been configured to recognize the network host.
host1#configure
Configuring from terminal or file [terminal]?
Enter configuration commands, one per line. End with CNTL/Z.
host1(config)#ip route ipNetwork networkMask ipNextHop
host1#show host
If the network host is listed, go to Step 8. Otherwise, proceed with Step 6.
- Add an entry to the Static Host Table so that the router can access the network host. Use the host command to specify the network hostname and IP address.
- Press Ctrl+z to return to Privileged Exec mode.
- Use the ping command to determine whether the router can now reach the network host.
host1#configure
Configuring from terminal or file [terminal]?
Enter configuration commands, one per line. End with CNTL/Z.
host1(config)#host hostName ipAddress ftp loginname password
host1#ping hostname
If the router cannot reach the network host, verify that you correctly performed the previous steps in this procedure and that the network host is operational.
Task 7: Enable the FTP Server on the Router
The router divides its vty resources among Telnet, SSH, and FTP services. Each FTP session requires one vty line, and the FTP service uses the authentication method configured for the vty line. If you configured more than one vty line for Telnet access, the FTP service uses one of those lines. If you configured only one line for Telnet access, configure another vty line.
To enable the FTP server, use the ftp-server enable command.
host1(config)#ftp-server enable
Task 8: Identify the Files to Transfer
To identify all the files for the release, use a text editor to open the software release (.rel) file on the JUNOSe software CD or from the directory in which you downloaded from the Juniper Networks Web site. The software release file contains a list of all the files associated with the release. You must transfer the software release file and all the files it contains to the user space.
Task 9: Transfer Files to the User Space
To transfer the files for the release to the user space, use the FTP client software on the network host to connect to the FTP server on the router. Transfer the files to a subdirectory within the incoming directory. If you specify a subdirectory that does not exist, the router creates the directory.
 |
NOTE: Be sure to transfer the software release file and all the files it lists. |
Task 10: Install Files on the System Space
Installing the software release file to the system space installs all files listed in the software release file. To install the software release file from the incoming directory in the user space to the router space, use the copy command.
Be sure to specify the correct software release (.rel) filename for the router you are using, as described in Identifying the Software Release File.
|
host1#copy /incoming/releases/erx_x-y-z.rel erx_x-y-z.rel
The software release is copied from the user space to the system space. This process can take several minutes.
Task 11: Save the Current Configuration
To save the current configuration, use the copy running-configuration command:
host1#copy running-configuration filename.cnf
Task 12: Reboot the System
To reboot the system using the newly installed software:
- Access Global Configuration mode.
- Run the boot system command, specifying the .rel filename of the software release.
host1#configure
Configuring from terminal or file [terminal]?
Enter configuration commands, one per line. End with CNTL/Z.
host1(config)#
host1(config)#boot system erx_x-y-z.rel
The following message appears when you issue this command:
WARNING: We recommend that you copy the current running-configuration to a file prior to reloading a different release of software.
- Press Ctrl+z to return to Privileged Exec mode.
- Verify that the router is ready to boot with the new software release.
host1#show boot
If the old software version is still listed, verify that you completed the previous steps correctly.
The following message appears when you issue this command:
WARNING: Execution of this command will cause the system to reboot. Proceed with reload? [confirm]
The system reboots. The reboot might take longer than normal because line modules initialize with the old version of the software, acquire the new version from the SRP module, and reinitialize. When you observe the LEDs on the line modules, the line modules appear to boot twice.