JunOS Download

747builder

Well, latest update from Juniper.net...

Hi David,

I’ve asked our Support Renewal team to prepare an official quote.

However, as an unofficial budgetary price for recertification, you would be looking at an estimated USD $3K/switch.

Can you share the Proof of Purchase from your vendor “-------------- ----------------” where you purchased the switches?

Thanks,

-------------

Did I say chocolate and flowers... maybe I should say child support and alimony? $3K/switch USD to recertify used switches is just wrong, that's 5x what we paid for them.
This is typical of both Juniper and Cisco... and let's not forget after they show up and recertify it for the $3K that they want their yearly support contract money and then you *MIGHT* get lucky.

My best suggestion is to hunt around for "junos-arm-" (the version number is after that). You can match the checksum of the archive to Juniper's website, and the switch won't install an unsigned firmware or a wrong switch's firmware.
 

747builder

I forgot to add, I even inspected the temporary image locations on both switches just in case there was still a firmware file in it that I could use to flash the other switch to the same version... No such luck, storage constraints on these switches usually results in admins deleting the images and zeroize is known to typically delete the contents, both switches were zeroized before being sold :(
I end up getting Juniper switches very frequently from the used market and/or fleabay and all but *2* have had bootable JunOS on them (over 300 switches over the years). Most even still had their config on them.

With that said the EX-3400 is EoL and Software EoL is November 2024.

What versions are on both Switches?
and which version is on the one that is acting up?

And I've never seen JunOS change the SSH key by itself.

in VC, you only administer the switch stack by connecting to the master switch...

Send me a PM. Something doesn't sound right in your network or your config.
 

daveb-ne

Well that sucks, as it looks like - 747builder you were my only hope.

I work at a small business and we purchased 2 EX3400s back in December of 2024. After much cursing and a crash course in Junos CLI, I got both switches working reliably and installed first one and then a few weeks later the other, into our network.

For months I struggled with using SSH to connect to the second switch to manage it. Every time I connected the SSH Key changed, the only way to resolve the loss of connection was to log in with the console and reset the SSH connection (picture this: climb a 10ft ladder with a laptop and connect the usb2serial to console cable).

Which would only work once and then I would have to repeat. Short version of the story: I removed the second switch from the network and have been examining my options for remote management.

vChassis - looked like the perfect solution (and the connection between the switches would be even faster!), we purchased a compatible active QSFP+ cable and connected the 2 switches together... Both routers auto configured to make use of the interconnect!! Except, a device connected to the 2nd switch did not get an IP address. Why? A lot of searching the internet later and trying a zeroize of both devices followed by connecting them together - I was forced to conclude: mismatched firmware versions.

On the plus side, I'm getting really good at reconfiguring an EX3400 from zero.

I contacted the vendor (reputable 2nd hand network hardware online sales), they "do not have firmware for the devices that they sell".

Searched the internet, found firmware for other Juniper devices but not for EX3400s. Even found some other devices firmware files whose MD5s match those from Juniper.

Contacted support at Juniper.net... After much back and forth, this is the answer I got:

Hi David,

Looks like those are gray market devices that were initially assigned to a Community School District in ---------------------- ------------------ USA customer, and they would need to be recertified before any support or licensing can be applied.

Attached is our Grey Market product reinstatement policy. Please take a read. We would need you to comply with the details listed before our inspections team will agree to provide a quote to bring your devices back into compliance.

Thanks,
------------- --------------


The policy that juniper sent me, amounts to "blanket agree to anything that we might charge you, before we help". They even specified that I will be on the hook for any and all charges regardless of whether they are able to re-certify the devices. Usually I get chocolate and flowers before things like this happen.

If anyone reading this was entertained by my story, I'm still looking for firmware that I could flash to both switches to get vchassis working.

Thank you,

David B.
A couple of questions regarding setup...
If I can get both switches on the same firmware are these VC related commands that I should run?

delete chassis redundancy graceful-switchover > From what I have researched this prevents the 2nd switch from taking over from the first one, but I'm not sure if I should use it.

set virtual-chassis no-split-detection > required on a 2 member vChassis, which this will be... hopefully, eventually, maybe...

set virtual-chassis member 0 mastership-priority 128 > I would set the 2nd switch as member 1 mastership-priority 255 - this supposedly prevents the VC from eventually "crashing" due to not being able to resolve which switch is in "charge".
 

daveb-ne

Well, latest update from Juniper.net...

Hi David,

I’ve asked our Support Renewal team to prepare an official quote.

However, as an unofficial budgetary price for recertification, you would be looking at an estimated USD $3K/switch.

Can you share the Proof of Purchase from your vendor “-------------- ----------------” where you purchased the switches?

Thanks,

-------------
I was advised by 747Builder that my ex3400s are and I quote:
With that said the EX-3400 is EoL and Software EoL is November 2024.
When I challenged Juniper support with this information, I asked if they were trying to get money out of us for devices that are already EOL and which their blanket contract precludes from being able to be recertified... I was told that they would look into my concern, and never heard from them again. Even after sending follow-up emails.

Moral of the story: Watch out! Their salespeople are eager to make a sale, even if it's for phantom-ware.
 

daveb-ne

So I goofed up loading an updated firmware which has resulted in a boot loop and now can only reach this prompt

=> after pressing ctrl+c during the boot loop

these are the commands that I have access to:

=> ?
? - alias for 'help'
base - print or set address offset
bdinfo - print Board Info structure
boot - boot default, i.e., run 'bootcmd'
bootd - boot default, i.e., run 'bootcmd'
bootelf - Boot from an ELF image in memory
bootm - boot application image from memory
bootp - boot image via network using BOOTP/TFTP protocol
bootvx - Boot vxWorks from an ELF image
cmp - memory compare
coninfo - print console devices and information
cp - memory copy
crc32 - checksum calculation
dcache - enable or disable data cache
dhcp - boot image via network using DHCP/TFTP protocol
echo - echo args to console
editenv - edit environment variable
eeprom - EEPROM sub-system
env - environment handling commands
erase - erase FLASH memory
exit - exit script
false - do nothing, unsuccessfully
fatinfo - print information about filesystem
fatload - load binary file from a dos filesystem
fatls - list files in a directory (default /)
fatsize - determine a file's size
flinfo - print FLASH memory information
go - start application at address 'addr'
gpt - GUID Partition Table
help - print command description/usage
i2c - I2C sub-system
icache - enable or disable instruction cache
iminfo - print header information for application image
imxtract- extract a part of a multi-image
interrupts- enable or disable interrupts
itest - return true/false on integer compare
loadb - load binary file over serial line (kermit mode)
loads - load S-Record file over serial line
loadx - load binary file over serial line (xmodem mode)
loady - load binary file over serial line (ymodem mode)
loop - infinite loop on address range
md - memory display
mdc - memory display cyclic
mfgcfg - mfgcfg - manufacturing config of EEPROMS

mii - MII utility commands
mm - memory modify (auto-incrementing address)
mtest - simple RAM read/write test
mw - memory write (fill)
mwc - memory write cyclic
nm - memory modify (constant address)
ping - send ICMP ECHO_REQUEST to network host
poe - poe - poe test commands

printenv- print environment variables
protect - enable or disable FLASH write protection
reset - Perform RESET of the CPU
rtc - rtc - get/set/reset date & time

run - run commands in an environment variable
saveenv - save environment variables to persistent storage
setenv - set environment variables
setexpr - set environment variable as the result of eval expression
sf - SPI flash sub-system
showvar - print local hushshell variables
sleep - delay execution for some time
source - run script from memory
sspi - SPI utility command
syspld - syspld - EPLD test commands

test - minimal test like /bin/sh
tftpboot- boot image via network using TFTP protocol
true - do nothing, successfully
usb - USB sub-system
usbboot - boot from USB device
version - print monitor, compiler and linker version

usb start - starts the USB hub and scans for connected devices
usb info / usb storage / usb part allowed me to find information about the connected device

usbboot usb 1:1 > using a previously created snapshot, resulted in
** Unknown image type

fatls - requires that the USB device be in fat16 or fat32 to be able to read the files.

Using other files that I have .TGZ or .IMG
results in being able to view the list of files on the device

fatls usb 1:1

system volume information/
349023564 junos-arm-32-23.4.tgz

1 file(s), 1 dir(s)

usbboot usb 1:1 junos-arm-32-23.4.tgz

Loading from usb device 1, partition 1: Name: usbdb1 Type: U-Boot
** Unknown image type

AI suggested that I try:

usbboot 0x2000000 usb 0:1

Usage:
usbboot loadAddr dev: part

so helpful, AI suggested that I try loading a direct written image using RUFUS or dd from the USB drive.

same errors

AI then suggested that the image needed to be a running image not an install image, ok. Created said image using another working EX3400 via request system snapshot media usb

same errors

argghhh!!! what am I missing?
 

daveb-ne

Progress update, It was suggested that I try an older USB drive. Managed to dig out an old 4GB verbatim USB drive. I managed to get the Juniper EX3400 to see and start to boot from the connected drive with an image on it. Now I get start address is not aligned errors, is this device related or USB drive related or command related?

=> usbboot dev 1

Loading from usb device 1, partition 1: Name: usbdb1 Type: U-Boot
ERROR: v7_dcache_inval_range - start address is not aligned - 0x000000de
ERROR: v7_outer_cache_inval_range - start address is not aligned - 0x000000de
data abort
pc : [<dff49ffc>] lr : [<dff4f864>]
reloc pc : [<1e041ffc>] lr : [<1e047864>]
sp : dfeb5ae4 ip : 00000000 fp : 1e000020
r10: 1e0820b6 r9 : dfeb7f00 r8 : 00000000
r7 : 00000000 r6 : dff3aa64 r5 : dff90bf8 r4 : dff7e600
r3 : 00000001 r2 : 0000ffff r1 : 000000de r0 : 000000de
Flags: nZCv IRQs off FIQs off Mode SVC_32
Resetting CPU ...

resetting ...

Argh, AI states:

junos-install-media-usb-ex-arm-32-23.4R2-S5.8.img | ❌ NO | ARM64 | “Unknown image type”
junos-install-media-usb-ex-3400-arm-.img | ✅ YES | ARM32 | Boots and installs


junos-install-media-usb-ex-arm-32-23.4R2-S5.8.img

is for EX4100/EX4300MP and ACX/QFX ARM platforms, not EX3400.

I have the wrong image...
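
The two checks this thread keeps returning to, as an added example that is not part of any post above and is not Juniper's code: compare a downloaded archive's digest with the value published by the vendor, then look at the first bytes the boot loader would read. It assumes upstream U-Boot behaviour, where the disk boot path reads raw blocks from the start of the partition and accepts only a legacy uImage header or a FIT image, answering `** Unknown image type` to anything else (a gzip'd .tgz, or the boot sector of a FAT-formatted stick); whether Juniper's U-Boot build differs is not known from this thread. All sample bytes are constructed.

```python
import gzip
import hashlib
import hmac
import io
import struct
import zlib

UIMAGE_MAGIC = 0x27051956  # legacy image header magic in upstream U-Boot
FDT_MAGIC = 0xD00DFEED     # flattened device tree magic, used by FIT images
UIMAGE_HDR = struct.Struct(">7I4B32s")  # 64-byte big-endian legacy header


def digest_matches(stream, published_hex, algo="sha256"):
    """Hash a binary stream in chunks and compare with the published value.
    Prefer SHA-256 where the vendor publishes one; MD5 only catches corruption."""
    h = hashlib.new(algo)
    for chunk in iter(lambda: stream.read(1 << 20), b""):
        h.update(chunk)
    return hmac.compare_digest(h.hexdigest(), published_hex.strip().lower())


def uimage_header_ok(head):
    """Upstream U-Boot's header check: CRC32 over the 64 header bytes
    with the header-CRC field itself set to zero."""
    if len(head) < UIMAGE_HDR.size:
        return False
    fields = list(UIMAGE_HDR.unpack(head[:UIMAGE_HDR.size]))
    stored_crc = fields[1]
    fields[1] = 0
    return zlib.crc32(UIMAGE_HDR.pack(*fields)) == stored_crc


def classify(head):
    """Name the container from the first bytes of a file or raw partition."""
    if len(head) >= 4:
        (magic,) = struct.unpack(">I", head[:4])
        if magic == UIMAGE_MAGIC:
            return "uimage" if uimage_header_ok(head) else "uimage-bad-crc"
        if magic == FDT_MAGIC:
            return "fit"
    if head[:2] == b"\x1f\x8b":
        return "gzip"          # e.g. a .tgz upgrade package
    if len(head) >= 512 and head[510:512] == b"\x55\xaa":
        return "boot-sector"   # MBR or FAT volume: a disk layout, not an image
    return "unknown"


def bootloader_would_accept(head):
    """True only for the two formats upstream U-Boot's image detection knows."""
    return classify(head) in ("uimage", "fit")


def make_constructed_uimage():
    """Build a tiny, valid legacy image. Every value here is constructed."""
    payload = b"constructed payload"
    hdr = [UIMAGE_MAGIC, 0, 0, len(payload), 0x02000000, 0x02000000,
           zlib.crc32(payload), 5, 2, 2, 0, b"constructed-sample"]
    hdr[1] = zlib.crc32(UIMAGE_HDR.pack(*hdr))  # header CRC, computed last
    return UIMAGE_HDR.pack(*hdr) + payload


# Constructed stand-ins for the three things tried in the thread.
SAMPLE_UIMAGE = make_constructed_uimage()
SAMPLE_TGZ = gzip.compress(b"constructed stand-in for an upgrade package")
SAMPLE_FAT_STICK = b"\xeb\x3c\x90" + bytes(507) + b"\x55\xaa"

if __name__ == "__main__":
    published = hashlib.sha256(SAMPLE_TGZ).hexdigest()  # stands in for the vendor value
    print("digest ok:", digest_matches(io.BytesIO(SAMPLE_TGZ), published))
    for name, blob in (("uimage", SAMPLE_UIMAGE), ("tgz", SAMPLE_TGZ),
                       ("fat stick", SAMPLE_FAT_STICK)):
        print(name, "->", classify(blob[:512]),
              "| boot loader accepts:", bootloader_would_accept(blob[:512]))
```

In practice, pass `open(path, "rb")` to `digest_matches` and the first 512 bytes of the file or of the USB partition to `classify`.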
 

daveb-ne

New issue, we now own one of the last purchasable Juniper branded SRX380s from a Juniper vendor (Once restocked they will be branded HPE and model numbers may change, or so I've been told). We even have a SW license for the SRX380! I know, amazing... HPE has broken everything, when I go to try and download an update for my device... I get auto-forwarded to the HPE support site and my device serial number is unrecognized. I've complained to our account rep, who and I quote " I reached out to our Mist Ops and Specialist on this matter. Still waiting for a response, however I just pinged them again this morning for an update and expressed the critical urgency. "
Please tell me I'm not the only one rotting in buy-out purgatory. :(
 

747builder

please tell me you bought a support contract for this from this Juniper vendor and is it new?
 

747builder

Ran across this in my notes this morning, though I've never tried it on an EX2300/EX3400, which uses the same image.

Log in to your good switch with admin credentials and plug in an old 4GB USB (wipe it first) and type
"request system snapshot media usb partition" without the quotes, obviously. You may have to use the ? if it won't take that line.
 

daveb-ne

Hello 747builder,

Yes it's brand new bought from a recognized Juniper vendor, as part of the purchase they (PC-Canada) registered both the device and the software license with Juniper.

Took me a few days to learn that the license needed to be linked to the device via Juniper's license portal, Juniper support advised me that the unlinked license was why I could not download the update. Linked the license and added it to our router, still not able to access the latest FW.

Our account rep advised me to create another support case outlining my steps so far, the most recent response on the case is that I need to confirm that my email address is not a group email... Have done so, waiting for the next response.

Thanx.

As an aside to any Small-Medium-Businesses, considering Juniper for their qualified Network device needs (CMMC lvl 2):
  • Do not buy grey market (ie: used) devices, unless you are prepared to accept Juniper's re-qualification lottery. I was quoted 3K$ / device to re-qualify some EX3400 devices, it does not apply to EOL devices (ie: EX3400s) and is not guaranteed.
  • Ensure that you get a Juniper license with JTAC support (Our account rep has recommended at least Core level), for each device. Or when you create a case you will be up "that" creek without a paddle.
  • Be aware that the buy-out of Juniper by HPE has negatively impacted their support, I have also experienced links being changed to HPE without Juniper content (my license, the fact that my device is now an HPE device, etc.) having first been transferred. Obviously, HPE should resolve these issues... eventually.
  • Devices come with the most basic of settings, if your company has been using consumer switches and routers until now, you are in for a shock. A Juniper switch will work as a switch without making any changes, of course none of the goodies required for CMMC lvl 2, like logging will be active until you configure it.
  • A Juniper router/firewall also works as a switch until you configure it. I took the set configuration of our SRX380 router from its default of about 30 lines to almost 300 lines; this only covers: hardening, some basic local logging, DHCP reservation for 70 devices, adding the connection setting for our 3 WANs, setting up the firewall to allow an internet connection and whitelisting our VOIP provider's servers.
  • I still need to resolve routing issues (VOIP devices have their own switch and their traffic cannot touch our internal network or everything VOIP related also needs to be CMMC compliant $$) and implement some form of QOS (Juniper calls it Class of Service?) which must be manually configured (by port and level of priority). If you need help with this, you will need better than Core level JTAC support.
  • Juniper devices are expensive (think 20K$ per device). Their licensing is also expensive. Their online monitoring and setup tool (MIST) requires additional licensing and unlike Zyxel's Nebula portal, without a license all you can do is add your device to the MIST portal.
  • HPE did not buy Juniper to provide the little people the best deals possible... HPE bought Juniper to make money, so expect price increases across the board. I would suggest that if you already have 1 year licenses, that you purchase multi-year extensions now, if your budget allows. Otherwise start laying the ground work to prepare your company for an increase in licensing costs.
 

Xedon

Hello all :)
I just bought an EX2300-48P (non‑MP) for my homelab. It currently runs 22.2R3-S3.18, but I suspect the firmware is buggy. The fxpc process is showing unusually high cpu usage (around 40–50%).
Can anyone help me get a more recent release? The recommended train appears to be 23.4R2‑Sx, so the latest recommended build would be 23.4R2‑S7.

EDIT: I just used Juniper Mist and was able to upgrade the firmware for free
 

hydromike

I was wondering if anyone has access to the SRX4100 images, I just inherited 3 new in box with Junos-20.1. I was just told 20k for each to be recertified. I am crossing my fingers that someone might have a newer version.
 

CrashRB

Can anyone help me with a non-limited junos file for the ex4300?
Any luck finding one? I am ideally looking for jinstall-ex-4300-21.4R3-S12 but can't find it with any search for jinstall-ex-4300-21.4R3-S12-X-signed.tgz

I know jinstall-ex-4300-21.4R3-S11.3-signed.tgz is the correct file name for S11 but also can't find any references to that one.
 

prog1yeshiva

I can tell you that I did find the files but it was kind of a mess and I can't tell you where it was. Honestly I don't remember. One of the files jweb would not work with it. For some this doesn't matter. I know Jweb is problematic. Then there were files with serious security issues on them. For us jweb was important and I learned that actually the jweb that comes with the Junos files is a very basic Jweb and the full version (to do most things in Jweb you need this) is a separate download. What we ended up doing was installing the latest version of Junos that we could find which had no major security alerts and then install a less up to date (but still quite new) version of Jweb. The reason was that the version of Jweb that went with what we found just kept crashing. We found a version of Jweb that wasn't the one meant for the Junos version that we have but it was close enough and it works fine. Honestly I did everything with the cli but our management said that maybe someone else might have to take care of something in the future and he would have a hard time with the cli. We are a small team and I am the only one that manages our servers. If something was urgent and I was unavailable the Jweb would be a must. It should be noted that if your reason for updating is to get rid of that annoying alert in the Jweb interface after login then I hate to be the bearer of bad news but you will not find a version online that gets rid of that. As soon as they release an update that alert will appear and we didn't find the very latest version that you see on their website. IMO your best bet is to just find a version that has no major security alerts and then practice good security. Make sure the switch is behind a firewall without a public ip. You don't have to give the switch access to the internet if you don't want which means not setting a gateway. Ideally you would have a separate network with a separate vlan for the management of the switch.
IMO this is fine for minor security alerts but not for major ones. If you don't care about major security issues then I am guessing that you wouldn't be updating in the first place. Of course ideally you would just use the cli and then you would probably have no issues.
 

CrashRB

Thanks for your feedback. I ended up just buying another switch off Ebay that came with the latest firmware installed.
 

spamator12

Hi guys, I soon will get old Juniper EX4300-48P (L2/L3 layer switch) just to play with it a little - nothing security/enterprise/administration/stacking related, so I guess I will need to update it first. From CEC Juniper Community I can see that:

21.4R3-Sx

is the latest firmware. So... cause this is an old model I don't think it has any support license, but I don't mind that. Here are license models - https://www.juniper.net/documentati.../concept/software-license-model-overview.html

I do not understand a thing here - I only want this switch to have security updates (cause I probably configure it wrong) and be able to use it to full hardware&software potential (for testing and learning purpose - by configuring everything by myself by CLI - I do not need support or paid GUI/virtual something things - I just need to remotely connect to it and test some configs).

So as I understand I need to get the system update file from somewhere, use the https://forums.servethehome.com/index.php?threads/junos-download.7729/post-451822 to get the password and install the latest software via Console cable?
 

klui

EDIT: Nevermind, I can't download firmware, but apparently upgrading through Mist is A-OK.
I've seen several others here where they posted upgrading firmware through Mist is permitted. Did you run into any restrictions on adopting a device?
 

prog1yeshiva

A device bought from Ebay etc is the grey market and according to Juniper you have no right to the firmware in such a case. BTW I can tell you that we have Dell servers well out of support and we recently downloaded the latest firmware no problem but Juniper is different. In any case the only way is to look for firmware online specifically for your device. You then need to apply the firmware through the console or ssh. You cannot download from Juniper directly unless you are willing to pay a lot. At that point it would probably just be worth it to buy a brand new device which is exactly why they do this.