Juniper Networks SRX 210 User Manual
SRX210 Services Gateway
Hardware Guide
Published: 2013-06-20
Copyright © 2013, Juniper Networks, Inc.
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, California 94089
USA
408-745-2000
www.juniper.net
This productincludes the Envoy SNMP Engine, developed by Epilogue Technology, an Integrated Systems Company. Copyright © 1986-1997,
Epilogue Technology Corporation. All rights reserved. This program and its documentation were developed at private expense, and no part
of them is in the public domain.
This product includes memory allocation software developed by Mark Moraes, copyright © 1988, 1989, 1993, University of Toronto.
This product includes FreeBSD software developed by the University of California, Berkeley, and its contributors. All of the documentation
and software included in the 4.4BSD and 4.4BSD-Lite Releases is copyrighted by the Regents of the University of California. Copyright ©
1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994. The Regents of the University of California. All rights reserved.
GateD software copyright © 1995, the Regents of the University. All rights reserved. Gate Daemon was originated and developed through
release 3.0 by Cornell University and its collaborators. Gated is based on Kirton’s EGP, UC Berkeley’s routing daemon (routed), and DCN’s
HELLO routing protocol. Development of Gated has been supported in part by the National Science Foundation. Portions of the GateD
software copyright © 1988, Regents of the University of California. All rights reserved. Portions of the GateD software copyright © 1991, D.
L. S. Associates.
This product includes software developed by Maker Communications, Inc., copyright © 1996, 1997, Maker Communications, Inc.
Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United
States and other countries. The Juniper Networks Logo, the Junos logo, and JunosE are trademarks of Juniper Networks, Inc. All other
trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.
Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify,
transfer, or otherwise revise this publication without notice.
Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are
owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312,
6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.
SRX210 Services Gateway Hardware Guide
Copyright © 2013, Juniper Networks, Inc.
All rights reserved. Printed in USA.
Revision History
June 2013
The information in this document is current as of the date on the title page.
SOFTWARE LICENSE
The terms and conditions for using this software are described in the software license contained in the acknowledgment to your purchase
order or, to the extent applicable, to any reseller agreement or end-user purchase agreement executed between you and Juniper Networks.
By using this software, you indicate that you understand and agree to be bound by those terms and conditions.
Generally speaking, the software license restricts the manner in which you are permitted to use the software and may contain prohibitions
against certain uses. The software license may state conditions under which the license is automatically terminated. You should consult
the license for further details.
For complete product documentation, please see the Juniper Networks Web site at www.juniper.net/techpubs.
END USER LICENSE AGREEMENT
The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with) Juniper Networks
software. Use of such software is subject to the terms and conditions of the End User License Agreement (“EULA”) posted at
Copyright © 2013, Juniper Networks, Inc.ii
http://www.juniper.net/support/eula.html. By downloading, installing or using such software, you agree to the terms and conditions of
that EULA.
iiiCopyright © 2013, Juniper Networks, Inc.
Copyright © 2013, Juniper Networks, Inc.iv
Table of Contents
About This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi
Objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi
Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi
Documentation Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi
SRX Series Documentation and Release Notes . . . . . . . . . . . . . . . . . . . . . . . xiii
Obtaining Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii
Documentation Feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv
Requesting Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv
Part 1 SRX210 Services Gateway Overview
Chapter 1 Introduction to the SRX210 Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . 3
SRX210 Services Gateway Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
About the SRX210 Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
SRX210 Services Gateway Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Accessing the SRX210 Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
SRX210 Services Gateway Hardware Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Chapter 2 SRX210 Services Gateway Hardware Components and Specifications . . . . 7
SRX210 Services Gateway Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
SRX210 Services Gateway Front Panel and Back Panel Views (Low Memory,
High Memory, and PoE Versions) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
SRX210 Services Gateway Front Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
SRX210 Services Gateway Back Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
SRX210 Services Gateway Built-In Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
SRX210 Services Gateway LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Front Panel LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Ethernet Port LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
SRX210 Services Gateway Boot Devices and Dual-Root Partitioning Scheme . . . 17
Boot Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Dual-Root Partitioning Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
SRX210 Services Gateway Cooling System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
SRX210 Services Gateway Power Supply . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Chapter 3 SRX210 Services Gateway 3G ExpressCard . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
SRX210 Services Gateway 3G ExpressCard Overview . . . . . . . . . . . . . . . . . . . . . . 23
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Supported Modem Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Using the 3G ExpressCard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Key Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
vCopyright © 2013, Juniper Networks, Inc.
SRX210 Services Gateway Hardware Guide
Installing the 3G ExpressCard in the SRX210 Services Gateway ExpressCard
SRX210 Services Gateway 3G ExpressCard Basic CLI Commands . . . . . . . . . . . . 27
Chapter 4 SRX210 Services Gateway Power over Ethernet Support . . . . . . . . . . . . . . . 29
SRX210 Services Gateway PoE Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Configuring PoE Functionality on the SRX210 Services Gateway . . . . . . . . . . . . . . 31
Chapter 5 SRX210 Services Gateway Mini-Physical Interface Modules . . . . . . . . . . . . 33
SRX210 Services Gateway Mini-Physical Interface Modules . . . . . . . . . . . . . . . . . 33
Part 2 Setting Up the SRX210 Services Gateway
Chapter 6 Preparing the Site for the SRX210 Services Gateway Installation . . . . . . . . 37
Site Preparation Checklist for the SRX210 Services Gateway . . . . . . . . . . . . . . . . 37
General Site Guidelines for Installing the SRX210 Services Gateway . . . . . . . . . . 39
SRX210 Services Gateway Cabinet Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 39
SRX210 Services Gateway Rack Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Clearance Requirements for Airflow and Hardware Maintenance of the SRX210
SRX210 Services Gateway Electrical and Power Requirements . . . . . . . . . . . . . . 42
Chapter 7 Installation Overview for the SRX210 Services Gateway . . . . . . . . . . . . . . . 45
Installation Overview for the SRX210 Services Gateway . . . . . . . . . . . . . . . . . . . . 45
Chapter 8 Required Tools and Parts for Installing and Maintaining the SRX210
Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Required Tools and Parts for Installing and Maintaining the SRX210 Services
Chapter 9 Unpacking the SRX210 Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Unpacking the SRX210 Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Verifying Parts Received with the SRX210 Services Gateway . . . . . . . . . . . . . . . . 49
Chapter 10 Preparing the SRX210 Services Gateway for Installation . . . . . . . . . . . . . . . 53
Preparing the SRX210 Services Gateway for Rack-Mount, Desk-Mount, and
Preparing the SRX210 Services Gateway for Rack-Mount Installation . . . . . . . . . 53
Preparing the SRX210 Services Gateway for Desk-Mount Installation . . . . . . . . . 55
Preparing the SRX210 Services Gateway for Wall-Mount Installation . . . . . . . . . 56
Chapter 11 Installing the SRX210 Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
SRX210 Services Gateway Safety Requirements, Warnings, and Guidelines . . . . 57
SRX210 Services Gateway Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Physical Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Slot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
PoE Classes and Power Ratings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Wall-Mount Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Adjusting the Power Supply Adapter Tray for the SRX210 Services Gateway
for Rack-Mount Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Installing the SRX210 Services Gateway in a Rack . . . . . . . . . . . . . . . . . . . . . 59
Installing the SRX210 Services Gateway on a Desk . . . . . . . . . . . . . . . . . . . . . 62
Copyright © 2013, Juniper Networks, Inc.vi
Table of Contents
Installing the SRX210 Services Gateway on a Wall . . . . . . . . . . . . . . . . . . . . . 63
Replacing or Installing Mini-Physical Interface Modules in the SRX210 Services
Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Chapter 12 Connecting, Grounding, and Powering On the SRX210 Services
Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Connecting the SRX210 Services Gateway to the Power Supply . . . . . . . . . . . . . . 67
Connecting and Organizing Interface Cables for the SRX210 Services
Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Grounding the SRX210 Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
Powering On and Powering Off the SRX210 Services Gateway . . . . . . . . . . . . . . . 71
Powering On the SRX210 Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Powering Off the SRX210 Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Resetting the SRX210 Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Chapter 13 SRX210 Services Gateway Autoinstallation . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
SRX210 Services Gateway Autoinstallation Overview . . . . . . . . . . . . . . . . . . . . . . 75
Chapter 14 Connecting the SRX210 Services Gateway to Management Devices . . . . . 77
Connecting an SRX210 Services Gateway to the J-Web Interface . . . . . . . . . . . . . 77
Connecting an SRX210 Services Gateway to the CLI Locally . . . . . . . . . . . . . . . . . 79
Connecting an SRX210 Services Gateway to the CLI Remotely . . . . . . . . . . . . . . 80
Connecting the Modem at the SRX210 Services Gateway End . . . . . . . . . . . . . . . 81
Connecting the Modem to the Console Port on the SRX210 Services
Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Connecting to the CLI at the User End for the SRX210 Services Gateway . . . . . . . 83
Chapter 15 Performing Initial Software Configuration on the SRX210 Services
Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
SRX210 Services Gateway Software Configuration Overview . . . . . . . . . . . . . . . . 85
Preparing the SRX210 Services Gateway for Configuration . . . . . . . . . . . . . . 85
Understanding the Factory-Default Configuration . . . . . . . . . . . . . . . . . . . . . 86
Understanding Built-In Ethernet Ports and Initial Configuration . . . . . . . . . . 86
Mapping the Chassis Cluster Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Understanding Management Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Performing Initial Software Configuration on the SRX210 Services Gateway
Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Performing Initial Software Configuration on the SRX210 Services Gateway
Using the J-Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Establishing Basic Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Configuring Basic System Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
SRX210 Services Gateway Secure Web Access Overview . . . . . . . . . . . . . . . . . . . 95
Part 3 Maintaining and Monitoring the SRX210 Services Gateway
Hardware
Chapter 16 Maintaining the SRX210 Services Gateway Hardware Components . . . . . 99
Maintaining the SRX210 Services Gateway Hardware Components . . . . . . . . . . . 99
viiCopyright © 2013, Juniper Networks, Inc.
SRX210 Services Gateway Hardware Guide
Chapter 17 Monitoring the SRX210 Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Monitoring Hardware Components on the SRX210 Services Gateway . . . . . . . . . 101
Resetting the Configuration File When the SRX210 Services Gateway Is
Juniper Networks Technical Assistance Center . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Part 4 Appendixes
Appendix A Safety and Regulatory Compliance Information . . . . . . . . . . . . . . . . . . . . . . 113
SRX210 Services Gateway Definition of Safety Warning Levels . . . . . . . . . . . . . . 113
SRX210 Services Gateway General Safety Guidelines and Warnings . . . . . . . . . . 115
SRX210 Services Gateway Fire Safety Requirements . . . . . . . . . . . . . . . . . . . . . . 119
SRX210 Services Gateway Installation Safety Guidelines and Warnings . . . . . . . 120
SRX210 Services Gateway Laser and LED Safety Guidelines and Warnings . . . . 124
SRX210 Services Gateway Maintenance and Operational Safety Guidelines and
SRX210 Services Gateway Electrical Safety Guidelines and Warnings . . . . . . . . . 132
SRX210 Services Gateway Agency Approvals . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
SRX210 Services Gateway Compliance Statements for EMC Requirements . . . . 134
SRX210 Services Gateway Compliance Statements for Environmental
SRX210 Services Gateway Compliance Statements for Acoustic Noise . . . . . . . 137
Monitoring the SRX210 Services Gateway Chassis Using the CLI . . . . . . . . . 101
Monitoring the SRX210 Services Gateway Components Using LEDs . . . . . . 103
Monitoring the SRX210 Services Gateway Using Chassis Alarm
Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Monitoring the SRX210 Services Gateway Power System . . . . . . . . . . . . . . . 108
Inaccessible . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Using the Reset Config Button on the SRX210 Services Gateway . . . . . . . . 109
Changing the Reset Config Button Behavior on the SRX210 Services
Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
General Safety Guidelines and Warnings . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Qualified Personnel Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
Restricted Access Area Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Preventing Electrostatic Discharge Damage to the Services Gateway . . . . . 118
Laser and LED Safety Guidelines and Warnings . . . . . . . . . . . . . . . . . . . . . . . 124
General Laser Safety Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
Class 1 Laser Product Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
Class 1 LED Product Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
Laser Beam Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
Radiation from Open Port Apertures Warning . . . . . . . . . . . . . . . . . . . . 126
Warnings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
Safety Guidelines and Warnings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
Battery Handling Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
Jewelry Removal Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
Lightning Activity Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
Operating Temperature Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
Product Disposal Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
Copyright © 2013, Juniper Networks, Inc.viii
Table of Contents
Appendix B SRX210 Services Gateway Power Guidelines, Requirements, and
Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
SRX210 Services Gateway Site Electrical Wiring Guidelines . . . . . . . . . . . . . . . . . 139
SRX210 Services Gateway Power Specifications and Requirements . . . . . . . . . . 141
SRX210 Services Gateway Grounding Specifications . . . . . . . . . . . . . . . . . . . . . . 141
Appendix C SRX210 Services Gateway Interface Cable Specifications and Connector
Pinouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
Interface Cable and Wire Specifications for the SRX210 Services Gateway . . . . 143
RJ-45 Connector Pinouts for the SRX210 Services Gateway Ethernet Port . . . . . 144
RJ-45 Connector Pinouts for the SRX210 Services Gateway Console Port . . . . . 145
Appendix D Contacting Customer Support and Returning the SRX210 Services
Gateway Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
Return Procedure for the SRX210 Services Gateway . . . . . . . . . . . . . . . . . . . . . . . 147
Locating an SRX210 Services Gateway Component Serial Number and Agency
Labels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Listing the SRX210 Services Gateway and Component Details with the
CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
SRX210 Services Gateway Chassis Serial Number and Agency Labels . . . . 149
SRX210 Services Gateway Mini-Physical Interface Module Serial Number
Label . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
Contacting Customer Support to Obtain Return Materials Authorization . . . . . . 150
Information You Might Need to Supply to Juniper Networks Technical
Assistance Center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Contacting Customer Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Packing the SRX210 Services Gateway and Components for Shipment . . . . . . . 151
Packing the Services Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Packing the Components for Shipment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
Part 5 Index
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
ixCopyright © 2013, Juniper Networks, Inc.
SRX210 Services Gateway Hardware Guide
Copyright © 2013, Juniper Networks, Inc.x
About This Guide
This preface includes the following topics:
•
Objectives on page xi
•
Audience on page xi
•
Documentation Conventions on page xi
•
SRX Series Documentation and Release Notes on page xiii
•
Obtaining Documentation on page xiii
•
Documentation Feedback on page xiv
•
Requesting Technical Support on page xiv
Objectives
This guide describes hardware components and installation, basic configuration, and
basic troubleshooting procedures for the Juniper Networks SRX210 Services Gateway.
It explains how to prepare your site for services gateway installation, unpack and install
the hardware, power on the services gateway, perform initial software configuration, and
perform routine maintenance. After completing the installation and basic configuration
procedures covered in this guide, see the Junos OS configuration guides for information
about further Junos OS configuration.
Audience
This guide is designed for network administrators who are installing and maintaining a
Juniper Networks SRX210 Services Gateway or preparing a site for device installation.
To use this guide, youneed a broad understandingof networks in general andthe Internet
in particular, networking principles, and network configuration. Any detailed discussion
of these concepts is beyond the scope of this guide.
Documentation Conventions
Table 1 on page xii defines the notice icons used in this guide.
xiCopyright © 2013, Juniper Networks, Inc.
SRX210 Services Gateway Hardware Guide
Table 1: Notice Icons
Table 2 on page xii defines the text and syntax conventions used in this guide.
DescriptionMeaningIcon
Indicates important features or instructions.Informational note
Indicates a situation that might result in loss of data or hardware damage.Caution
Alerts you to the risk of personal injury or death.Warning
Alerts you to the risk of personal injury from a laser.Laser warning
Table 2: Text and Syntax Conventions
Represents text that you type.Bold text like this
Fixed-width text like this
Italic text like this
Italic text like this
Text like this
Represents output that appears on the
terminal screen.
•
Introduces or emphasizes important
new terms.
•
Identifies book names.
•
Identifies RFC and Internet draft titles.
Represents variables (options for which
you substitute a value) in commands or
configuration statements.
Represents names of configuration
statements, commands, files, and
directories;configurationhierarchy levels;
or labels on routing platform
components.
ExamplesDescriptionConvention
To enter configuration mode, type
theconfigure command:
user@host> configure
user@host> show chassis alarms
No alarms currently active
•
A policy term is a named structure
that defines match conditions and
actions.
•
Junos OS SystemBasics Configuration
Guide
•
RFC 1997, BGP Communities Attribute
Configure the machine’s domain name:
[edit]
root@# set system domain-name
domain-name
•
To configure a stub area, include the
stub statement at the[edit protocols
ospf area area-id] hierarchy level.
•
The console portis labeled CONSOLE.
stub <default-metric metric>;Enclose optional keywords or variables.< > (angle brackets)
Copyright © 2013, Juniper Networks, Inc.xii
Table 2: Text and Syntax Conventions (continued)
About This Guide
ExamplesDescriptionConvention
| (pipe symbol)
# (pound sign)
[ ] (square brackets)
Indention and braces ( { } )
; (semicolon)
GUI Conventions
Bold text like this
Indicates a choice betweenthe mutually
exclusivekeywords or variables on either
side of the symbol. The set of choices is
often enclosed in parentheses for clarity.
same lineas theconfiguration statement
to which it applies.
Enclose a variable for which you can
substitute one or more values.
Identify a level in the configuration
hierarchy.
Identifies a leaf statement at a
configuration hierarchy level.
Representsgraphical user interface (GUI)
items you click or select.
broadcast | multicast
(string1 | string2 | string3)
rsvp { # Required for dynamic MPLS onlyIndicates a comment specified on the
community name members [
community-ids ]
[edit]
routing-options {
static {
route default {
nexthop address;
retain;
}
}
}
•
In the Logical Interfaces box, select
All Interfaces.
•
To cancel the configuration, click
Cancel.
> (bold right angle bracket)
Separates levels in a hierarchy of menu
selections.
SRX Series Documentation and Release Notes
For a list of related SRX Series documentation, see
http://www.juniper.net/techpubs/hardware/srx-series-main.html.
If the information in the latest SRX Series Release Notes differs from the information in
the documentation, follow the SRX Series Release Notes.
Obtaining Documentation
To obtain the most current version of all Juniper Networks technical documentation, see
the products documentation page on the Juniper Networks web site at
http://www.juniper.net/techpubs.
To order printed copies of this guide and other Juniper Networks technical documents,
or to order a documentation CD, which contains this guide, contact your sales
representative.
In the configuration editor hierarchy,
select Protocols>Ospf.
xiiiCopyright © 2013, Juniper Networks, Inc.
SRX210 Services Gateway Hardware Guide
Copies of the Management Information Bases (MIBs) available in a software release are
included on the documentation CDs and at http://www.juniper.net/.
Documentation Feedback
We encourage you to provide feedback, comments, and suggestions so that we can
improve the documentation. You can send your comments to
techpubs-comments@juniper.net, or fill out the documentation feedback form at
http://www.juniper.net/techpubs/docbug/docbugreport.html. If you are using e-mail, be
sure to include the following information with your comments:
•
Document name
•
Document part number
•
Page number
•
Software release version (not required for Network Operations Guides [NOGs])
Requesting Technical Support
Technical product support is available through the Juniper NetworksTechnical Assistance
Center (JTAC). If you are a customer with an active J-Care or JNASC support contract,
or are covered under warranty, and need postsales technical support, you can access
our tools and resources online or open a case with JTAC.
•
JTAC policies- For a complete understanding of our JTAC procedures and policies,
review the JTAC User Guide located at
http://www.juniper.net/customers/support/downloads/710059.pdf.
•
Product warranties- For product warranty information, visit
http://www.juniper.net/support/warranty/.
•
JTAC Hours of Operation- The JTAC centers have resources available 24 hours a day,
7 days a week, 365 days a year.
Self-Help Online Tools and Resources
For quick and easy problem resolution, Juniper Networks has designed an online
self-service portal called the Customer Support Center (CSC) that provides you with the
following features:
•
Find CSC offerings: http://www.juniper.net/customers/support/
•
Search for known bugs: http://www2.juniper.net/kb/
•
Find product documentation: http://www.juniper.net/techpubs/
•
Find solutions and answer questions using our Knowledge Base: http://kb.juniper.net/
•
Download the latest versions of software and review release notes:
http://www.juniper.net/customers/csc/software/
•
Search technical bulletins for relevant hardware and software notifications:
https://www.juniper.net/alerts/
Copyright © 2013, Juniper Networks, Inc.xiv
About This Guide
•
Join and participate in the Juniper Networks Community Forum:
http://www.juniper.net/company/communities/
•
Open a case online in the CSC Case Manager: http://www.juniper.net/cm/
To verify service entitlement byproduct serial number, useour SerialNumber Entitlement
(SNE) tool located at https://tools.juniper.net/SerialNumberEntitlementSearch/.
Opening a Case with JTAC
You can open a case with JTAC on the Web or by telephone.
•
Use the Case Manager tool in the CSC at http://www.juniper.net/cm/.
•
Call 1-888-314-JTAC (1-888-314-5822 toll-free in the USA, Canada, and Mexico).
For international or direct-dial options in countries without toll-free numbers, visit us at
http://www.juniper.net/support/requesting-support.html.
xvCopyright © 2013, Juniper Networks, Inc.
SRX210 Services Gateway Hardware Guide
Copyright © 2013, Juniper Networks, Inc.xvi
PART 1
SRX210 Services Gateway Overview
•
Introduction to the SRX210 Services Gateway on page 3
•
SRX210 Services Gateway Hardware Components and Specifications on page 7
•
SRX210 Services Gateway 3G ExpressCard on page 23
•
SRX210 Services Gateway Power over Ethernet Support on page 29
•
SRX210 Services Gateway Mini-Physical Interface Modules on page 33
1Copyright © 2013, Juniper Networks, Inc.
SRX210 Services Gateway Hardware Guide
Copyright © 2013, Juniper Networks, Inc.2
CHAPTER 1
Introduction to the SRX210 Services
Gateway
This chapter includes the following topics:
•
SRX210 Services Gateway Description on page 3
•
SRX210 Services Gateway Hardware Features on page 4
SRX210 Services Gateway Description
This topic includes the following sections:
•
About the SRX210 Services Gateway on page 3
•
SRX210 Services Gateway Models on page 3
•
Accessing the SRX210 Services Gateway on page 4
About the SRX210 Services Gateway
The Juniper Networks SRX210 Services Gateway offers complete functionality and
flexibility for delivering secure and reliable data, along with multiple interfaces that
support WAN and LAN connectivity and Power over Ethernet (PoE).
The SRX210 Services Gateway provides Internet Protocol Security (IPsec), virtual private
network (VPN), and firewall services for small and medium-sized companies and
enterprise branch and remote offices. Additional security features also include Unified
ThreatManagement (UTM), which consists ofIPS antispam, antivirus, and Web filtering.
The SRX210 Services Gateway runs the Junos operating system (Junos OS).
SRX210 Services Gateway Models
The SRX210 Services Gateway is available in six models, which are listed in
Table 3 on page 3.
Table 3: SRX210 Services Gateway Models
Model NumberDevice TypeProduct Name
SRX210BLow MemorySRX210 Services Gateway
3Copyright © 2013, Juniper Networks, Inc.
SRX210 Services Gateway Hardware Guide
Table 3: SRX210 Services Gateway Models (continued)
Model NumberDevice TypeProduct Name
SRX210HHigh MemorySRX210 Services Gateway
SRX210 Services Gateway with
PoE
(Enhanced)
Memory (Enhanced)
SRX210 Services Gateway
(Enhanced) TAA Compliant
SRX210 Services Gateway with
PoE (Enhanced)
SRX210 Services Gateway with
PoE (Enhanced + TAA)
All SRX210 Services Gateways run the Junos operating system (Junos OS).
Accessing the SRX210 Services Gateway
Two user interfaces are available for monitoring, configuring, troubleshooting, and
managing the SRX210 Services Gateway:
•
J-Web interface: Web-based graphical interface that allows you to operate a services
gateway without commands. The J-Web interface provides access to all Junos
functionality and features.
SRX210H-POEHigh Memory with Power over
Ethernet (PoE)
SRX210BELow Memory (Enhanced)SRX210 Services Gateway
SRX210HEHigh Memory (Enhanced)SRX210 Services Gateway High
SRX210HE-TAAHigh Memory (Enhanced + TAA
Compliant)
SRX210HE-POEHigh Memory with Power over
Ethernet (Enhanced + PoE)
SRX210HE-POE-TAAHigh Memory with PoE
(Enhanced + TAA Compliant)
•
Junos OS command-line interface (CLI): Juniper Networks command shell that runs
on top of a UNIX-basedoperating system kernel. The CLI is a straightforward command
interface. On a single line, you type commands that are executed when you press the
Enter key. The CLI provides command Help and command completion.
Related
Documentation
SRX210 Services Gateway Specifications on page 7•
• SRX210 Services Gateway Hardware Features on page 4
SRX210 Services Gateway Hardware Features
Table 4 on page 5 lists the hardware features supported on the SRX210 Services
Gateway.
Copyright © 2013, Juniper Networks, Inc.4
Chapter 1: Introduction to the SRX210 Services Gateway
Table 4: SRX210 Services Gateway Hardware Features
NOTE: The SRX210
ServicesGatewayuses
a single power supply.
SRX210 Services
Gateway Low
MemoryFeature
SRX210 Services
Gateway High
Memory
SRX210 Services
Gateway Powerover
Ethernet
1 GB1 GB512 MBDDR memory
YesNoNoPoE support
150 watts60 watts60 wattsPower supply adapter
100 to 240 VAC100 to 240 VAC100 to 240 VACAC input voltage
222Gigabit Ethernet ports
666Fast Ethernet ports
111Console port
222USB ports
111Mini-PIM slots
Related
Documentation
LEDs
Status, Alarm, HA,
Power, Mini-PIMs, 3G
ExpressCard, Port
(TX/RX and PoE)
Status, Alarm, HA,
Power, Mini-PIMs, 3G
ExpressCard, Port
(TX/RX and PoE)
Status, Alarm, HA,
Power, Mini-PIMs, 3G
ExpressCard, Port
(TX/RX and PoE)
1 GB1 GB1 GBNAND flash
111Fans
NOTE: The PoELED isenabled onlyon thePoE modelof the SRX210Services
Gateway. For non-PoE services gateways, the PoE LED remains off.
For more details on the SRX210 Services Gateway software features and licenses, see
the following guides:
•
Initial Configuration for Security Devices
•
Monitoring and Troubleshooting for Security Devices
• SRX210 Services Gateway Description on page 3
• SRX210 Services Gateway Specifications on page 7
5Copyright © 2013, Juniper Networks, Inc.
SRX210 Services Gateway Hardware Guide
Copyright © 2013, Juniper Networks, Inc.6
CHAPTER 2
SRX210 Services Gateway Hardware
Components and Specifications
This chapter includes the following topics:
•
SRX210 Services Gateway Specifications on page 7
•
SRX210 Services Gateway Front Panel and Back Panel Views (Low Memory, High
Memory, and PoE Versions) on page 9
•
SRX210 Services Gateway Built-In Interfaces on page 11
•
SRX210 Services Gateway LEDs on page 13
•
SRX210 Services GatewayBoot Devices andDual-Root Partitioning Scheme onpage 17
•
SRX210 Services Gateway Cooling System on page 18
•
SRX210 Services Gateway Power Supply on page 19
SRX210 Services Gateway Specifications
The SRX210 Services Gateway chassis is a rigid sheet metal structure of 1 rack unit (U)
height that houses all the other hardware components.
Figure 1 on page 7 shows the SRX210 Services Gateway chassis (for low memory, high
memory, and PoE models).
Figure 1: SRX210 Services Gateway
7Copyright © 2013, Juniper Networks, Inc.
SRX210 Services Gateway Hardware Guide
Table 5 on page 8 provides information on the physical specifications of the device.
Table 5: SRX210 Services Gateway Specifications
ValueSpecification
Dimensions (H x W x D)
Chassis weight
Average power consumption
Altitude
Temperature
1.73 in. x 11.02 in. x 7.13 in.
44 mm x 280 mm x 181 mm
•
3.46 lb (1.57 kg) for SRX210 Services Gateway
without PoE (no interface modules)
•
3.55 lb (1.61 kg) for SRX210 Services Gateway with
PoE (no interface modules)
•
SRX210 Services Gateway Low Memory model: 27
watts
•
SRX210 Services Gateway HighMemory model:28
watts
•
SRX210 Services Gateway PoE model: 34 watts
(excluding PoE load)
No performance degradation up to 10,000 ft (3048
m) for SRX210 Services Gateway Low Memory, High
Memory, and PoE models
5% to 90%, noncondensingRelative humidity
Normal operation ensured in temperature range of
32°F (0°C) to 104°F (+40°C)
Nonoperating storage temperature in shipping
container: –40°F (–40°C) to 158°F (70°C)
Maximum thermal output
CAUTION: Before removingor installingcomponents ofa functioning services
gateway, attach an electrostatic discharge (ESD) strap to an ESD point and
place the other end of the strap around your bare wrist. Failure to use an ESD
strap could result in damage to the services gateway.
NOTE: These specificationsare estimatesand subject
to change.
•
SRX210 Services Gateway Low Memory: 120
BTU/hour
•
SRX210 Services Gateway High Memory: 126
BTU/hour
•
SRX210 Services Gateway withPoE: 164BTU/hour
(Excluding PoE load)
29.1 dB per EN ISO 7779Noise level
Copyright © 2013, Juniper Networks, Inc.8
Chapter 2: SRX210 Services Gateway Hardware Components and Specifications
Related
Documentation
SRX210 Services Gateway Description on page 3•
• SRX210 Services Gateway Front Panel and Back Panel Views (Low Memory, High
Memory, and PoE Versions) on page 9
• Monitoring the SRX210 Services Gateway Components Using LEDs on page 103
• SRX210 Services Gateway Electrical Safety Guidelines and Warnings on page 132
SRX210 Services Gateway Front Panel and Back Panel Views (Low Memory, High Memory, and PoE Versions)
This topic contains views of the front panel and back panel of the SRX210 Services
Gateway high memory, low memory, and Power over Ethernet (PoE) versions. This topic
includes the following sections:
•
SRX210 Services Gateway Front Panel on page 9
•
SRX210 Services Gateway Back Panel on page 10
SRX210 Services Gateway Front Panel
Figure 2 on page 9 shows the front panel of the SRX210 Services Gateway.
Figure 2: SRX210 Services Gateway Front Panel
Table 6 on page 9 lists the front panel components of the services gateway.
NOTE: The numbers in Figure 2 on page 9 correspond to the numbers in
Table 6 on page 9.
Table 6: SRX210 Services Gateway Front Panel Components
ComponentNumber
Mini-PIM slot1
Power button2
LEDs: Status, Alarm, Power, 3G ExpressCard, Mini-PIM, HA3
Reset Config button4
9Copyright © 2013, Juniper Networks, Inc.
g031113
SRX210 Services Gateway Hardware Guide
Table 6: SRX210 Services Gateway Front Panel Components (continued)
For more information on the front panel components, see the following topics:
•
SRX210 Services Gateway Built-In Interfaces on page 11
•
SRX210 Services Gateway LEDs on page 13
•
SRX210 Services GatewayBoot Devices andDual-Root Partitioning Scheme onpage 17
SRX210 Services Gateway Back Panel
ComponentNumber
Universal Serial Bus (USB) ports5
Console port6
Gigabit Ethernet ports and Fast Ethernet ports7
Figure 3 on page 10 illustrates the back panel of the SRX210 Services Gateway.
Figure 3: SRX210 Services Gateway Back Panel
Table 7 on page 10 lists the back panel components of the SRX210 Services Gateway.
NOTE: The numbers in Figure 3 on page 10 correspond to the numbers in
Table 7 on page 10.
Table 7: SRX210 Services Gateway Back Panel Components
ComponentNumber
Power supply point1
Cable tie holder2
Grounding point3
Lock4
ExpressCard slot5
Copyright © 2013, Juniper Networks, Inc.10
Chapter 2: SRX210 Services Gateway Hardware Components and Specifications
NOTE: The cable tie holder provides support to hold the power cord on to
the power supply point.
The lock provides the capability to lock and secure the device to the
installation site.
Related
Documentation
SRX210 Services Gateway Built-In Interfaces on page 11•
• SRX210 Services Gateway LEDs on page 13
• SRX210 ServicesGateway BootDevices and Dual-RootPartitioningScheme onpage 17
• SRX210 Services Gateway Cooling System on page 18
• SRX210 Services Gateway Power Supply on page 19
SRX210 Services Gateway Built-In Interfaces
Table 8 on page 11 summarizes the interface ports supported on the SRX210 Services
Gateway.
Table 8: SRX210 Services Gateway Built-In Hardware Interfaces
Gigabit Ethernet
•
•
•
•
•
•
•
Both Gigabit Ethernet ports
support Power over Ethernet
on the PoE models of the
SRX210 Services Gateway.
Consist of two fixed ports
Are labeled as port 0/0 and
port 0/1 on the front panel
Use an RJ-45 connector
Provide link speeds of
10/100/1000 Mbps
Operate in full-duplex and
half-duplex modes
Support flow control
Support autonegotiation
and autosensing
DescriptionSpecificationsInterface Type
The Gigabit Ethernetports can
be used as follows:
•
To function as front-end
network ports
•
To provide LAN and WAN
connectivity to hubs,
switches, local servers, and
workstations
•
To forward incoming data
packets to the device
•
To receive outgoing data
packets from the device
•
To connect power devices
to receive network
connectivity and electric
power (PoE functionality)
(For the PoE model of the
SRX210 Services Gateway)
11Copyright © 2013, Juniper Networks, Inc.
SRX210 Services Gateway Hardware Guide
Table 8: SRX210 Services Gateway Built-In Hardware
Interfaces (continued)
DescriptionSpecificationsInterface Type
Fast Ethernet
Universal Serial Bus (USB)
•
Consist of six fixed ports
•
Are labeled as port 0/2 to
port 0/7 on the front panel
•
Provide link speeds of
10/100 Mbps
•
Operate in full-duplex and
half-duplex modes
The first two Fast Ethernet
ports support Power over
Ethernet on the SRX210
Services Gateway (PoE
version).
•
Consist of two ports
•
Function in full speed and
high speed
•
Are compliant with USB
revision 2.0
The Fast Ethernet ports can
be used as follows:
•
To provide LAN connectivity
to hubs, switches, local
servers, and workstations
•
To forward incoming data
packets to the device
•
To receive outgoing data
packets from the device
•
To connect power devices
to receive network
connectivity and electric
power (PoE functionality)
(For the PoE model of the
SRX210 Services Gateway)
The USB ports can be used as
follows:
•
To support a USB storage
device that functions as a
secondary boot device in
case of the internal flash
failureon startup,if theUSB
storage device is installed
and configured
NOTE: You must install and
configure the USB storage
device on the USB port to use
it as secondary boot device.
Also, the USB device must
have Junos installed.
•
To provide the USB
interfaces that are used to
communicate with many
types of Juniper supported
USB storage devices.
Contactyour JuniperNetworks
customer service
representative for more
information.
Copyright © 2013, Juniper Networks, Inc.12
Chapter 2: SRX210 Services Gateway Hardware Components and Specifications
Table 8: SRX210 Services Gateway Built-In Hardware
Interfaces (continued)
DescriptionSpecificationsInterface Type
Console
Mini-Physical InterfaceModule
(Mini-PIM)
NOTE: We strongly recommend that only transceivers provided by Juniper
Networks be used on an SRX210 Services Gateway. We cannot guarantee
that the interface module will operate correctly if third-party transceivers
are used. Contact Juniper Networks for the correct transceiver part number
for your device.
•
Consists of one port
•
Uses an RJ-45 serial cable
connector
•
Supports the RS-232
(EIA-232) standard
Consists of one slot for a
Mini-PIM
The console port can be used
as follows:
•
To provide the console
interface
•
To function as a
management port to log
into a device directly
•
To configure the device
using the CLI
The Mini-PIM slot can beused
to provide LAN and WAN
functionality along with
connectivity to various media
types.
For more information about
the supported Mini-PIMs, see
the SRX Series Services
Gateways for the Branch
Physical Interface Modules
Hardware Guide.
Related
Documentation
SRX210 Services Gateway Front Panel and Back Panel Views (Low Memory, High
•
Memory, and PoE Versions) on page 9
• SRX210 Services Gateway LEDs on page 13
• SRX210 ServicesGateway BootDevices and Dual-RootPartitioningScheme onpage 17
• SRX210 Services Gateway Cooling System on page 18
• SRX210 Services Gateway Power Supply on page 19
SRX210 Services Gateway LEDs
This topic includes the following sections:
•
Front Panel LEDs on page 14
•
Ethernet Port LEDs on page 15
13Copyright © 2013, Juniper Networks, Inc.
SRX210 Services Gateway Hardware Guide
Front Panel LEDs
Figure 4 on page 14 shows the SRX210 Services Gateway front panel LEDs.
Table 9 on page 14 lists the LED indicators on the SRX210 Services Gateway front panel.
Figure 4: SRX210 Services Gateway Front Panel LEDs
Table 9: SRX210 Services Gateway Front Panel Components LEDs
UsageDescriptionComponent
Alarm LED
Status LED
Mini-PIM LED
The Alarm LED has the following indicator colors:
•
Solid red indicates a major alarm.
•
Solid amber indicates a minor alarm.
•
Off indicates that the device is starting up.
NOTE: When the system is up and running, if the
Alarm LED is off, it indicates that no alarms are
present on the device.
The Status LED has the following indicator colors:
•
Solid green indicates that the device is
functioning normally.
•
Solid amberindicatesthat the device is starting
up.
•
Solid red indicates that the device has failed.
The Mini-PIM LED has the following indicator
colors:
•
Solid green indicates that the Mini-PIM is
functioning normally.
•
Off indicates that the Mini-PIM is not present
or not detected by the device.
The Alarm LED can be used
to gather information on
major or minor alarms or to
determine if the device is
functioning normally.
The Status LED can be used
to determine whether the
device is starting up, is
functioning normally, or has
failed.
The Mini-PIM LED can be
used to determine if the
Mini-PIM is present and
detected by the device.
Copyright © 2013, Juniper Networks, Inc.14
Loading...