Manuals+

Day One+ SRX345

A guide to quickly get your Juniper Networks SRX345 Services Gateway up and running.

Step 1: Begin

This guide provides a simple, three-step path to quickly get you up and running with your new SRX345. It simplifies and shortens installation and configuration steps, including how-to videos. You will learn how to install the SRX345 in a rack, power it up, and deploy it on your network using the CLI.

Note: For step-by-step instructions on securing and validating your branch location, check out the Guided Setup: SRX300 Line Firewalls. For hands-on experience, visit Juniper Networks Virtual Labs and reserve a free sandbox.

Meet the SRX345

The Juniper Networks SRX345 Services Gateway securely consolidates security, routing, switching, and WAN connectivity in a compact 1-U chassis. It supports up to 5-Gbps firewall throughput and 800-Mbps IPsec VPN, suitable for midsize, distributed-enterprise locations. It integrates with Juniper Sky Enterprise and Contrail Service Orchestration (CSO) for automated SD-WAN. A zero-touch provisioning (ZTP) feature simplifies branch network connectivity. The SRX345 features eight 1 GbE RJ-45 ports, eight 1 GbE SFP ports, one management port, one console port, and four Mini-Physical Interface Module (Mini-PIM) slots. RJ-45 and SFP ports support MACsec. AC models have single or dual AC power supplies; DC models have a single power supply. This guide covers SRX345 AC models.

Description of SRX345 Image: The Juniper SRX345 Services Gateway is shown. It is a compact, rack-mountable network device with numerous ports and indicators on the front panel.

Install the SRX345 in a Rack

What's in the Box?

  • SRX345 Services Gateway
  • Power cord appropriate for your geographic location
  • RJ-45 cable
  • DB-9 adapter
  • USB cable
  • Two mounting brackets
  • Eight mounting screws

What Else Do I Need?

  • Someone to help with installation
  • Rack mount screws appropriate for your rack
  • A number two Phillips (+) screwdriver

Rack It

  1. Review General Safety Guidelines and Warnings.
  2. Wrap and fasten one end of the electrostatic discharge (ESD) grounding strap around your bare wrist, and connect the other end to a site ESD point.
  3. Attach the mounting brackets to the sides of the SRX345 using the eight mounting screws and the screwdriver. Brackets can be attached to the front or center mounting holes depending on desired rack placement.
  4. Lift the SRX345 and position it in the rack. Align the bottom hole in each mounting bracket with a hole in each rack rail, ensuring the SRX345 is level.
  5. While holding the SRX345 in place, have a second person insert and tighten the rack mount screws to secure the mounting brackets. Tighten the bottom screws first, then the top screws.
  6. Check that the mounting brackets on each side of the rack are level.

Description of Rack Installation Diagram: Illustration depicting the SRX345 being lifted and positioned into a server rack. Mounting brackets on the device align with holes in the rack rails.

Power On

Now that your SRX345 is installed, connect it to power.

  1. Attach an electrostatic discharge (ESD) grounding strap to your bare wrist and connect the other end to the ESD point on the rack.
  2. Attach a grounding cable to earth ground, and then attach the other end to the grounding point on the side panel of the SRX345.
  3. Plug the power cord into the SRX345 rear panel.
  4. If the AC power source outlet has a power switch, turn it off.
  5. Plug the other end of the power cord into the AC power source outlet.
  6. If the AC power source outlet has a power switch, turn it on.
  7. If using dual AC power supplies, repeat steps 3 through 5 for the second power supply.

The SRX345 powers up upon connection. The PWR and STAT LEDs on the front panel will be solid green when ready.

Description of Front Panel LEDs: The front panel of the Juniper SRX345 features several LEDs and ports, including PWR, STAT, ALARM, MPIM slots, RJ-45 ports, and a console port.

Description of Grounding Diagram: Diagram illustrating the connection of a grounding cable from the SRX345 side panel to earth ground.

Description of Power Connection Diagram: Illustration showing a power cord being plugged into the rear panel of the SRX345.

Step 2: Up and Running

With the SRX345 powered on, proceed with initial configuration to get it running on the network.

SRX345 Provisioning Options

You can choose the configuration tool that suits your needs:

  • Junos CLI commands: Configure the SRX345 using CLI commands that leverage factory defaults.
  • J-Web: Use the preinstalled Juniper Networks Setup wizard. Refer to the J-Web User Guide for SRX Series Devices for details on using the J-Web setup wizard.
  • Juniper Sky Enterprise: A Juniper Networks-hosted cloud-based SaaS solution. Requires a Juniper Sky Enterprise subscription. Check out the Juniper Sky Enterprise Getting Started Guide.
  • Juniper Networks Contrail Service Orchestration (CSO): Requires an authentication code. See the Contrail Service Orchestration (CSO) Deployment Guide.

For Junos OS Release 19.2 or earlier, use Juniper Networks Network Service Controller to configure the SRX345 with ZTP. See Configure the Device Using ZTP with Juniper Networks Network Service Controller.

Initial Configuration Using the CLI

You can use the console port for initial configuration, starting from a factory default. Refer to the SRX345 Services Gateway Hardware Guide for factory default details.

Connect to the Serial Console Port

  1. Plug one end of the Ethernet cable into the RJ-45 to DB-9 serial port adapter for your SRX345.
  2. Plug the RJ-45 to DB-9 serial port adapter into the serial port on the management device.
  3. Connect the other end of the Ethernet cable to the serial console port on the SRX345.
  4. Start your asynchronous terminal emulation application (e.g., Microsoft Windows HyperTerminal) and select the appropriate COM port (e.g., COM1).
  5. Verify serial port settings: Baud rate: 9600, Parity: N, Data bits: 8, Stop bits: 1, Flow control: None.

Note: You can also connect using a mini-USB console port. See the SRX345 Hardware Guide.

Description of Console Connection Diagram: Diagram showing an Ethernet cable connecting the SRX345's console port to an RJ-45 to DB-9 serial adapter, which is then connected to a management device.

Perform Initial Configuration

  1. Login as root user and start the CLI. No password needed for factory default. 
    login: root
root@%cli
root>
  2. Enter configuration mode: 
    root> configure
[edit]
root#
  3. To deactivate ZTP, remove related configurations and set a root authentication password: 
    [edit]
root# delete chassis auto-image-upgrade
root# delete system phone-home
root# set system root-authentication plain-text-password
New password: password
Retype new password: password
    Commit the changes: 
    [edit]
root# commit
  4. Enable root login over SSH and allow SSH access over the WAN interface (ge-0/0/0): 
    [edit]
root# set system services ssh root-login allow
root# set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services ssh
  5. Configure the hostname: 
    [edit]
root# set system host-name host_name
  6. Commit the configuration to activate changes: 
    [edit]
root# commit

Congratulations! Your SRX is Up and Running

Your SRX345 is now online, providing secure Internet access. Manage it locally or remotely via CLI, J-Web, or cloud provisioning.

Network Overview: A network diagram illustrates the SRX345's role in a branch office. It shows DHCP clients connecting to the SRX345's LAN ports (192.168.1.0/24 subnet). The SRX345 connects to the Internet via its WAN interface (ge-0/0/0), which obtains an IP address from a provider. The diagram also shows connections to Juniper Sky Enterprise and Contrail Service Orchestration (CSO), and a local/remote management station.

Key Network Points:

  • Access SRX CLI/J-Web locally via 192.168.1.1. For remote access, use the WAN provider's IP address (verify with show interfaces ge-0/0/0 terse).
  • The management interface acts as a DHCP server for the 192.168.1.0/24 subnet.
  • LAN ports are configured for DHCP, receiving network configuration from the SRX. Devices obtain IP addresses from the 192.168.2.0/24 pool and use the SRX as their default gateway.
  • All LAN ports are in the same subnet with Layer 2 connectivity. Traffic is permitted between trust zone interfaces.
  • Traffic originating in the trust zone is permitted in the untrust zone, with matching response traffic allowed back. Traffic originating from the untrust zone is blocked.
  • The SRX performs source NAT (S-NAT) using the WAN interface's IP for traffic sent to the WAN from the trust zone.
  • Specific services (HTTPS, DHCP, TFTP, SSH) are permitted from the untrust zone to the local host. All local host services are allowed for traffic originating from the trust zone.

Step 3: Keep Going

What's Next?

Quickly configure and validate a secure branch office with the Guided Setup: SRX300 Line Firewalls.

If you want to Then
Change configuration settings, get another device up and running, or both Log in to J-Web and use the wizard. Alternatively, use advanced features via Juniper Contrail Service Orchestration (CSO) and Juniper Sky Enterprise. Requires account and activation code. See Contrail Service Orchestration (CSO) Deployment Guide and Juniper Sky Enterprise Getting Started Guide.
Set up your SRX345 with advanced security measures Visit Day One: SRX Series Up and Running With Advanced Security Services.
Manage software upgrades on your SRX345 See Installing Software on SRX Series Devices.
See, automate, and protect your network with Juniper Security Visit the Security Design Center.
Get hands-on experience with the procedures covered in this guide Visit Juniper Networks Virtual Labs and reserve your free sandbox. Find the Junos Day One Experience sandbox.

General Information

If you want to Then
Download, activate, and manage software licenses See Activate Junos OS Licenses in the Juniper Licensing Guide.
See all documentation available for the SRX345 Visit the SRX345 Documentation page in the Juniper TechLibrary.
Configure the SRX345 with the Junos OS CLI Start with the Day One+ for Junos OS guide.
Configure the SRX345 using J-Web See J-Web for SRX Series Documentation.
Stay up-to-date on new and changed features and known and resolved issues See Junos OS Release Notes.

Learn With Videos

Our video library offers resources to help you install hardware and configure advanced Junos OS network features.

If you want to Then
View a web-based training video on SRX340/SRX345 installation and configuration SRX340 and SRX345 Services Gateways Overview and Deployment (WBT)
Get quick tips and instructions on features and functions See Learning with Juniper on Juniper Networks main YouTube page.
View a list of free technical trainings Visit the Getting Started page on the Juniper Learning Portal.
Models: SRX345 Day One Services Gateway, SRX345 Day One, Services Gateway, Gateway

File Info : application/pdf, 12 Pages, 1.35MB

PDF preview unavailable. Download the PDF instead.

1049212506

References

XEP 4.22 build 2013

Related Documents

Preview Juniper SRX345 Day One+ Installation Guide
A comprehensive guide to installing and performing initial configuration for the Juniper Networks SRX345 Services Gateway, covering rack mounting, power-on procedures, and basic network setup.
Preview Juniper SRX345 Quick Start Guide
A concise guide to installing, powering on, and performing initial configuration of the Juniper Networks SRX345 firewall using the CLI.
Preview Juniper SRX345 Quick Start Guide
Get started quickly with the Juniper Networks SRX345 firewall. This guide provides step-by-step instructions for installation, rack mounting, power-on, and initial CLI configuration.
Preview Juniper SRX220 Quick Start Guide: Setup and Configuration
Get started with your Juniper SRX220 Services Gateway. This guide provides concise, step-by-step instructions for initial setup, connection, IP configuration, and verification.
Preview Juniper SRX Series Firewalls: J-Web User Guide
Comprehensive guide to using the Juniper Networks J-Web interface for managing, configuring, and monitoring SRX Series Firewalls. Covers setup, monitoring, device administration, and network features.
Preview Juniper Networks SRX1500 Day One+ Quick Start Guide
A concise guide to installing and configuring the Juniper Networks SRX1500 Services Gateway, covering initial setup, rack installation, and basic operation.
Preview SRX3400 Services Gateway Getting Started Guide
A comprehensive guide for installing and configuring the Juniper Networks SRX3400 Services Gateway. Covers hardware setup, rack mounting, cabling, power connections, initial software configuration, safety warnings, and compliance information.
Preview Juniper SRX300 Quick Start Guide: Installation and Configuration
Get started quickly with the Juniper SRX300 Firewall. This guide provides essential steps for installation, rack mounting, powering on, and initial configuration of your network security device.