Restoring Factory Default Configuration

Core Knowledge

There are many reason to want to reset the configuration back to factory defaults on a Juniper Router. Perhaps you bought a router off eBay and its got an existing configuration and you don’t want to manually delete every section of the config. Maybe you have to sanitize your devices because they’re being decommissioned and sold off. Wouldn’t want configurations with company confidential information ending up in the hands of random strangers who bought the devices off eBay would you? Sadly this does happen.

There are two ways to reset the configuration back to factory defaults. Both methods of course require root or super-user privileges. The first method is known as the zeroize method. This method removes all existing configurations off the Juniper device including the configuration, certs, logs and forces a system reboot. This process is used when you need to sanitize a device prior to decommissioning. This method is done executing the single command request system zeroize in user mode. It will prompt you to confirm this action and will reboot the device.

The second process which is a more common does not erase the configuration pe se but replaces the running configuration with the factory default configuration while the device is running. Once the existing running configuration is replaced by the factory default configuration you must still commit the changes however you’re required to set the root password prior to committing the changes. To replace the running config with the factory default config, you would execute the load factory-default command in configuration mode.

You should note when loading the factory-default configuration, the existing hostname you have assigned to the device will remain until the device is rebooted or the hostname is changed in configuration.

Now that you’re familiar with the commands needed to execute this procedure you should attempt to perform this procedure on R1 or you own device.

Lab Prerequisites

Prior to attempting this lab you’ll need a Juniper device you can perform this procedure on. This lab can be performed on the following devices; J Series Router(s), EX Series Switch(s) or SRX platforms. This device can also be a vSRX Firefly.

You need to establish a console session with the device in question and log into the device using the root account or a user account with super-user privileges.

Lab Objectives

To complete this lab you will perform the following objectives;

Before you Continue

It is recommended that you attempt to complete these lab objectives the first time without looking at the Lab Instruction section.

If you are a student preparing for the Juniper JNCIA Certification Exam than you are more likely to remember how to complete these objectives if you attempt to complete them the first time on your own with the use of the core knowledge section found in this lab. You should only resort to the Lab Instruction section to verify your work.

Lab Instruction

The following lab instruction is performed on a Junos Firefly device running on VMWare Workstation 10. This lab can however be performed on any Juniper J Series, SRX Gateway and EX Series Switches.

• Without rebooting, apply the factory default configuration to R1 and set the root password. Once completed save your configuration.

root@vSRX_R1> configure
Entering configuration mode

[edit]
root@vSRX_R1# load factory-default
warning: activating factory configuration

[edit]
root@vSRX_R1# set system root-authentication plain-text-password
New password: juniper1         <-- NOTICE: The password will not show when typing
Retype new password: juniper1  <-- NOTICE: The password will not show when typing

[edit]
root@vSRX_R1# commit and-quit
commit complete
Exiting configuration mode

root@vSRX_R1>

• You have been asked by your boss to sanitize R1 as this device is being decommissioned and sold to make way for new hardware.

root@vSRX_R1> request system zeroize
warning: System will be rebooted and may not boot without configuration
Erase all data, including configuration and log files? [yes,no] (no) yes

warning: zeroizing re0

root@vSRX_R1> Waiting (max 60 seconds) for system process `vnlru_mem' to stop...done
Waiting (max 60 seconds) for system process `vnlru' to stop...done
Waiting (max 60 seconds) for system process `bufdaemon' to stop...done
Waiting (max 60 seconds) for system process `syncer' to stop...
Syncing disks, vnodes remaining...0 0 0 0 0 0 0 0 0 0 done

syncing disks... All buffers synced.
Uptime: 1h48m21s
Normal shutdown (no dump device defined)
Shutting down ACPI
Rebooting...
.
>> BOOT PROCESS TRUNCATED <<
.
Amnesiac (ttyd0)

login: root

--- JUNOS 12.1I20131108_srx_12q1_x46_intgr.0-613414 built 2013-11-09 05:08:59 UTC

root@%