Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Install Junos OS on SRX300 Line of Firewalls from the Boot Loader Using a TFTP Server

Learn how to install Junos OS on SRX Series Firewalls using a TFTP server from the boot loader. This process includes prerequisites, U-Boot updates, and step-by-step installation procedures.

Upgrade or downgrade the SRX300 Line of Firewall from Junos OS Release 24.4R1 using the boot loader. After rebooting, the device enters an amnesiac state. Therefore, before you install, make sure you have saved the configuration file so that you can more easily reconfigure the device using the console port.

Also, before upgrading from either Junos OS Release 23.4R2-S3 or Release 24.2R2 to Junos OS Release 24.4R1 for SRX300 Line of Firewalls, complete the following:

  • Upgrade the U-Boot software to at least version 3.15.

  • Upgrade the loader to a build from the year 2023 or later. During the boot process, the loader reveals the build date. For example, this loader was built on May 23, 2023

Once you have installed either Junos OS Release 23.4R2-S3 or Release 24.2R2, the Junos OS image contains the latest boot loader binaries in these paths: /boot/uboot and /boot/veloader. You can upgrade the U-Boot software and veloader software as follows:

  • From the CLI prompt, enter the start shell command.

  • From the shell prompt, update the U-Boot software with the bootupgrade -u /boot/uboot command.

  • From the shell prompt, update the veloader with the bootupgrade -l /boot/veloader -x command.

  • Reboot the device. Once the device is back up, you can use TFTP to upgrade to Junos OS Release 24.4R1.

You can install Junos OS using the Trivial File Transfer Protocol (TFTP) method. The device is shipped with Junos OS loaded on the primary boot device. During Junos OS installation from the loader, the device retrieves the Junos OS package from a TFTP server. The internal media are then formatted, and the Junos OS image is installed.

From the loader installation, you can:

  • Install Junos OS on the device for the first time.

  • Recover the system from a file system corruption. Installation from a TFTP server can only be performed using the first onboard Ethernet interface. Installation from the loader-over-TFTP method does not work reliably over slow speeds or large latency networks.

Before you begin, verify that:

  • You have access to the TFTP server with the Junos OS package to be installed.

  • The TFTP server supports BOOTP or DHCP. If the TFTP server does not support BOOTP or DHCP, you must set the environment variables before performing the installation from the TFTP server.

  • Functional network connectivity exists between the device and the TFTP server over the first onboard Ethernet interface.

To install the Junos OS image on the internal media of the device:

  1. To access the U-Boot prompt, use the console connection to connect to the device.
  2. Reboot the device.

    The following messages appear:

    After this message appears, you see the following prompt:

  3. Press the space bar to stop the autoboot process.

    The => U-Boot prompt appears.

  4. Configure the environment variables listed in Table 1.
    Table 1: Environment Variables Settings

    Environment Variables

    Description

    gatewayip

    IP address of the SRX Series Firewall

    ipaddr

    IP address of the SRX Series Firewall

    netmask

    Network mask

    serverip

    IP address of the TFTP server

    This example shows you how to configure the environment variables:

  5. Reboot the system using the reset command.
  6. To access the loader prompt, use the console connection to connect to the device.
  7. Reboot the device.

    The following message appears:

    Loading /boot/defaults/loader.conf

    After this message appears, you see the following prompt:

    Hit [Enter] to boot immediately, or space bar for command prompt.

  8. Press the space bar to access the loader prompt (loader>).

    The loader> prompt appears. Enter:

    The URL path is relative to the TFTP server’s TFTP root directory, where the URL is tftp://tftp-server-ipaddress/package.

When this command is executed:

  • The system downloads the Junos OS package from the TFTP server.

  • Next, the system formats the internal media.

  • Finally, the system installs the Junos OS package on the formatted internal media.

After you install Junos OS, the device boots from the internal media. Once the system boots up with Junos OS Release 10.0 or later, you must upgrade the U-boot and boot loader immediately.

When you install Junos OS using the loader-over-TFTP method, the system formats the media. The process attempts to save the current configuration. We recommend that you back up all important information about the device before using this process.