ScreenOS telnet session timeout

Just been scratching my head about how to change the telnet session timeout on a Juniper SSG-140. I wanted to change from the default of 60 seconds to something more reasonable. Looked in the config and there’s a line in there which reads “set admin auth timeout 60”, but when I try to put in “set admin auth timeout 360” I get the following:

NS1(M)-> set admin auth timeout 360
^----------unknown keyword timeout
NS1(M)->

Unknown keyword, despite being able to see it in the config?

It seems that I needed to use a different command – “set console timeout 360”. This command governs the console port and any telnet sessions, while the command I thought I needed to use affects WebUI and SSH sessions only.

Problem Upgrading Netscreen Via Web User Interface

Banged my head against the wall for a couple of hours yesterday trying to upgrade a Netscreen 208 from 5.2 to 5.3 ScreenOS, and finally managed it.

It is a procedure that requires a “step-up” image – you can’t go straight to the latest and greatest version of 5.3 in one bound unfortunately. Manufacturers quite often do this when there is some major architectural change to the flash filesystem or the programming of the ASICs, and they don’t want to include the change in all the future versions of their code.

So anyway, I was trying to get the web user interface to accept this step-up image, and every time I tried it told me that the file was either too big or was empty.

A look at the release notes and I noticed a known issue – something about buffer sizes in the web user interface. So I wondered if this might affect my upload of code… I switched to the CLI, ran up the trusty 3CDaemon TFTP server and it worked like a charm.

The command to do this was:

save software from tftp 10.1.1.10 ns200.5.3.0r5.0 to flash

Subsequent upgrades work fine in the web interface, so they must have fixed the issue.