Juniper ScreenOS for SSG security appliance can be managed either through the Web UI or command line interface (CLI).
Upgrade through the Web interface can be endless and painful. The best way to do it is through the CLI.
To accomplish this task, you’ll need :
– SSH or Telnet client
– TFTP server
Here is a quick how to do it.
First, you need to get the ScreenOS from juniper.net Web site, unpack and make it available on a local TFTP server.
1. Connect to your device using the SSH client :
ssh netscreen@<ip_addr>
2. Save your current config (as a policy insurance in case something goes wrong!) :
save config to tftp <ip_addr> <filename.cfg>
3. Download and flash the image on your device :
save soft from tftp <ip_addr> <filename> to flash
[Example : save software from tftp 192.168.1.1 ssg5ssg20.6.3.0r12.0 to flash]
Or from USB :
save software from usb ssg20.6.3.0r12.0 to flash
4. The image is now uploading and firmware will be flashed automaticaly once complete. You should see the following output :
Load software from TFTP 0.0.0.0 (file: ssg5ssg20.6.3.0r12.0).
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
tftp received octets = 13353346
tftp success!TFTP Succeeded
Save to flash. It may take a few minutes …platform = 25, cpu = 12, version = 18
update new flash image (02575760,13353346)
platform = 25, cpu = 12, version = 18
offset = 20, address = 5800000, size = 13353268
date = 1f08, sw_version = 31808000, cksum = 42d91b23
Program flash (13353346 bytes) …
+++++++++++++++++++++++++++++++++++++++++++++++++++++done
Done
SSG5 ->
5. You may now reboot your appliance to boot into the new ScreenOS version :
reset
Tips & tricks :
– To get the current running configuration :
get config
– To get the current version informations :
get system
– To downgrade to earlier version of ScreenOS :
exec downgrade