JBAS011469 Error in Junos Space

9 09 2016

Just went onto a customer’s Junos Space/Security Director installation to discover that their SRX5800 was showing as ‘out of sync’.    I tried to do a ‘Resynchronize with Network’ from the Device Operations menu, but this failed with the following error:

Error while reading config from device: <devicename> javax.persistence. TransactionRequiredException: JBAS011469: Transaction is required to perform this operation (either use a transaction of extended persistence context)
jbas011469

JBAS011469 error in Space 15.2

Unfortunately (like most Space-related errors) there’s nothing about this in Juniper’s knowledgebase – the only hit I found on a Google search was a similar error, but with a different cause that had been fixed.   So I thought I’d put this here in case it helps anyone.   Read the rest of this entry »





Setting up vSRX and Space in VMware Fusion

9 08 2016

I’m going to be travelling a bit in the near future and wanted an easy, laptop-based Juniper device and Junos Space instance to mess with. I’ve recently made some headway with CLI configlets and wanted to build on what I’ve got working.

I already run VMware Fusion on the Mac in order to run Ubuntu and Windows, so I figured that was the best thing to use. What I wanted was two VMs that could see each other and be accessed from the host machine, but without them being dependent on the host’s interfaces being up. Wifi access would be chargeable, and wired impossible – without making an ethernet loopback plug to bring the Mac’s interface up artifically, that is. So that ruled out both bridged and NAT type connections. What I needed was some kind of internal network within the host – Fusion seems to call this a ‘Private to my Mac’ connection. Read the rest of this entry »





Junos Space Log Collector – Utilities

5 08 2016

The Juniper documentation on log collector is a bit sparse to be honest, and once it is installed, SSHing to it doesn’t seem to produce a configuration menu any more.  In order to change its config, there are some scripts, but I had to dig around for them: Read the rest of this entry »





EVPN – the basics

25 07 2016

A great EVPN overview and detailed walkthrough from a colleague of mine… Nice and clear.

PACKETS AND STUFF

So I decided to take a deep dive into eVPN, I’ll mostly be looking into VLAN-aware bundling, as per RFC 7432 – and mostly because I think this will fit more closely, with the types of deployments most of the customers are used to – good old IRB interfaces and bridge-tables!

As everyone knows, VPLS has been available for many years now and it’s pretty widely deployed, most of the customers I see have some flavour of VPLS configured on their networks and use it to good effect – so why eVPN? what’s the point in introducing a new technology if the current one appears to work fine.

The reality is that multipoint layer-2 VPNs (VPLS) were never quite as polished as layer-3 VPNs, when layer-3 VPNs were first invented they became, and still are the in many cases the “go to” technology for layer-3 connectivity across MPLS networks, and…

View original post 4,444 more words





Forgotten ‘maintenance’ password for Junos Space

30 06 2016

The maintenance users password can be reset in Junos Space if you still have access via the CLI:

  • SSH to the Space host
  • Log in as the admin user
  • Choose the debug option on the menu (6 or 7, depending on whether this is a VM or an appliance).  Just press the number, not the number followed by return!
  • Put in the admin user’s password again.  You’re now in the Centos shell.
  • Issue the command ‘htpasswd -sb /var/www/maintenance/maintPW maintenance <newpassword>

 

Simple as that…   I was never sure why an additional maintenance password was required as well as the admin user and the GUI super user password.  Makes it a pain to keep a record of, but there you go – presumably there’s a good reason.





Location of images on Junos Space after upload

23 06 2016

Just a note for my own reference really –

The images you upload via the GUI to upgrade Space end up on the filesystem in /var/cache/jboss/jmp/<imageversion> directory.  In that directory is the actual image, plus a file called appVersionListFile.txt – this file seems to tell the system what other Space apps it is compatible with.

It seems to upload the image into this directory, and then extracts all the various .rpm files from it into /var/cache/jboss/jmp/payloads/<imageversion> directory.

 

I confirmed this by performing an ‘rm -rf <imageversion>’ on both the above directories, then uploading another image via the GUI again.  Both directories re-appeared.  I doubt this is recommended by TAC though, so do this at your own peril.

 





Junos Space – checking processes are running

10 03 2016

After two miserable nights trying to upgrade Space 13.1R1.6 to 14.1R1.9,  I finally called up JTAC for some assistance.  For some reason the upgrade started, but never finished – the GUI remaining in ‘maintenance mode’ for several hours.

What they did:

Read the rest of this entry »