Juniper SRX380 User manual

Brand: Juniper

Model: SRX380

Category: Gateways/controllers

Type: User manual

SRX380 Services Gateway Hardware Guide

Published

2020-03-31

Juniper Networks, Inc.

1133 Innovation Way

Sunnyvale, California 94089

USA

408-745-2000

www.juniper.net

Juniper Networks, the Juniper Networks logo, Juniper, and Junos are registered trademarks of Juniper Networks, Inc. in

the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks

are the property of their respective owners.

Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right

to change, modify, transfer, or otherwise revise this publication without notice.

SRX380 Services Gateway Hardware Guide

The information in this document is current as of the date on the title page.

YEAR 2000 NOTICE

Juniper Networks hardware and software products are Year 2000 compliant. Junos OS has no known time-related

limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036.

END USER LICENSE AGREEMENT

The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with)

Juniper Networks software. Use of such software is subject to the terms and conditions of the End User License Agreement

(“EULA”) posted at https://support.juniper.net/support/eula/. By downloading, installing or using such software, you

agree to the terms and conditions of that EULA.

Table of Contents

About the Documentation | vii

Documentation and Release Notes | vii

Using the Examples in This Manual | vii

Merging a Full Example | viii

Merging a Snippet | ix

Documentation Conventions | ix

Documentation Feedback | xii

Requesting Technical Support | xii

Self-Help Online Tools and Resources | xiii

Creating a Service Request with JTAC | xiii

Overview

SRX380 Services Gateway Overview | 15

Overview | 15

SRX380 Services Gateway FRUs | 16

Benefits of the SRX380 Services Gateway | 16

SRX380 Chassis | 17

SRX380 Chassis Overview | 17

SRX380 Front Panel | 17

Chassis Status LEDs | 19

Management Port and Network Port LEDs | 20

SRX380 Back Panel | 21

SRX380 Interface Modules Overview | 22

SRX380 Cooling System | 23

SRX380 Power System | 23

SRX380 Services Gateway Power Supply | 24

AC Power Supply LEDs on SRX380 Services Gateways | 25

Power Specifications for SRX380 Services Gateways | 25

AC Power Cord Specifications for SRX380 | 26

iii

Site Planning, Preparation, and Specifications

SRX380 Site Preparation Checklist | 29

SRX380 Site Guidelines and Requirements | 30

General Site Installation Guidelines for the SRX380 Services Gateway | 31

SRX380 Services Gateway Environmental Specifications | 31

SRX380 Services Gateway Electrical Wiring Guidelines | 32

SRX380 Services Gateway Physical Specifications | 33

SRX380 Services Gateway Clearance Requirements for Airflow and Hardware

Maintenance | 33

Rack Requirements | 34

Cabinet Requirements | 35

Initial Installation and Configuration

Unpacking and Mounting the SRX380 | 37

Unpacking the SRX380 Services Gateway | 37

Verifying Parts Received with the SRX380 Services Gateway | 38

Mounting the SRX380 Services Gateway in a Rack | 39

Connecting the SRX380 to Power | 42

Required Tools and Parts for Grounding the SRX380 Services Gateway | 42

Connecting the SRX380 Grounding Cable | 42

Connecting the SRX380 Services Gateway to an AC Power Supply | 44

Powering Off the SRX380 Services Gateway | 45

Connecting the SRX380 to External Devices | 47

Connecting an SRX380 to a Network for Out-of-Band Management | 47

Connecting an SRX380 to a Management Console by Using an RJ-45 Connector | 48

Connecting an SRX380 to a Management Console by Using the Mini-USB Type-B Console

Port | 49

Configuring Junos OS on the SRX380 | 50

Configure Root Authentication | 50

Plug and Play | 51

Configure the SRX380 Using J-Web | 52

Configuring the SRX380 Services Gateway Using CLI | 54

Maintaining Components

Maintaining SRX380 Components | 60

Routine Maintenance Procedures for the SRX380 Services Gateway | 60

Maintaining the SRX380 Services Gateway Cooling System Components | 60

Maintaining the SRX380 Services Gateway Power Supply | 60

Removing and Installing SRX380 Power System Components | 61

Remove an AC Power Supply on SRX380 Devices | 62

Install an AC Power Supply on SRX380 Devices | 63

Removing and Installing Mini-PIMs | 65

Remove a Mini-Physical Interface Module | 65

Install a Mini-Physical Interface Module | 66

Contacting Customer Support and Returning the Chassis or Components

Returning the SRX380 Chassis or Components | 69

Contacting Customer Support | 69

Returning an SRX380 Services Gateway or Component to Juniper Networks | 70

Locating the Chassis Serial Number | 70

Locating the Mini-PIM Serial Number Label | 71

Listing the SRX380 Services Gateway Component Details by Using the CLI | 71

Required Tools and Parts for Packing the SRX Series Services Gateway | 72

Packing the SRX Series Services Gateway for Shipment | 72

Packing SRX Series Services Gateway Components for Shipment | 73

Safety and Compliance Information

Definitions of Safety Warning Levels | 76

General Safety Guidelines and Warnings | 79

Restricted Access Warning | 81

Qualified Personnel Warning | 84

Prevention of Electrostatic Discharge Damage | 84

Fire Safety Requirements | 86

Fire Suppression | 86

Fire Suppression Equipment | 86

Laser and LED Safety Guidelines and Warnings | 87

General Laser Safety Guidelines | 87

Class 1 Laser Product Warning | 88

Class 1 LED Product Warning | 89

Laser Beam Warning | 90

Radiation from Open Port Apertures Warning | 91

Maintenance and Operational Safety Guidelines and Warnings | 92

Battery Handling Warning | 93

Jewelry Removal Warning | 94

Lightning Activity Warning | 96

Operating Temperature Warning | 97

Product Disposal Warning | 99

Action to Take After an Electrical Accident | 100

General Electrical Safety Guidelines and Warnings | 100

AC Power Electrical Safety Guidelines | 101

SRX380 Services Gateway Agency Approvals | 102

SRX380 Services Gateway EMC Requirements | 104

Canada | 104

European Community | 104

Israel | 104

Japan | 105

United States | 105

BSMI Statement (Taiwan) | 105

About the Documentation

IN THIS SECTION

Documentation and Release Notes | vii

Using the Examples in This Manual | vii

Documentation Conventions | ix

Documentation Feedback | xii

Requesting Technical Support | xii

Use this guide to install hardware and perform initial software configuration, routine maintenance, and

troubleshooting for the SRX380 Services Gateway. After completing the installation and basic configuration

procedures covered in this guide, refer to the Junos OS documentation for information about further

software configuration.

Documentation and Release Notes

To obtain the most current version of all Juniper Networks

technical documentation, see the product

documentation page on the Juniper Networks website at https://www.juniper.net/documentation/.

If the information in the latest release notes differs from the information in the documentation, follow the

product Release Notes.

Juniper Networks Books publishes books by Juniper Networks engineers and subject matter experts.

These books go beyond the technical documentation to explore the nuances of network architecture,

deployment, and administration. The current list can be viewed at https://www.juniper.net/books.

Using the Examples in This Manual

If you want to use the examples in this manual, you can use the load merge or the load merge relative

command. These commands cause the software to merge the incoming configuration into the current

candidate configuration. The example does not become active until you commit the candidate configuration.

vii

If the example configuration contains the top level of the hierarchy (or multiple hierarchies), the example

is a full example. In this case, use the load merge command.

If the example configuration does not start at the top level of the hierarchy, the example is a snippet. In

this case, use the load merge relative command. These procedures are described in the following sections.

Merging a Full Example

To merge a full example, follow these steps:

1. From the HTML or PDF version of the manual, copy a configuration example into a text file, save the

file with a name, and copy the file to a directory on your routing platform.

For example, copy the following configuration to a file and name the file ex-script.conf. Copy the

ex-script.conf file to the /var/tmp directory on your routing platform.

system {

scripts {

commit {

file ex-script.xsl;

}

interfaces {

fxp0 {

disable;

unit 0 {

family inet {

address 10.0.0.1/24;

}

2. Merge the contents of the file into your routing platform configuration by issuing the load merge

configuration mode command:

[edit]

user@host# load merge /var/tmp/ex-script.conf

load complete

viii

Merging a Snippet

To merge a snippet, follow these steps:

1. From the HTML or PDF version of the manual, copy a configuration snippet into a text file, save the

file with a name, and copy the file to a directory on your routing platform.

For example, copy the following snippet to a file and name the file ex-script-snippet.conf. Copy the

ex-script-snippet.conf file to the /var/tmp directory on your routing platform.

commit {

file ex-script-snippet.xsl; }

2. Move to the hierarchy level that is relevant for this snippet by issuing the following configuration mode

command:

[edit]

user@host# edit system scripts

[edit system scripts]

3. Merge the contents of the file into your routing platform configuration by issuing the load merge

relative configuration mode command:

[edit system scripts]

user@host# load merge relative /var/tmp/ex-script-snippet.conf

load complete

For more information about the load command, see CLI Explorer.

Documentation Conventions

Table 1 on page x defines notice icons used in this guide.

Table 1: Notice Icons

DescriptionMeaningIcon

Indicates important features or instructions.Informational note

Indicates a situation that might result in loss of data or hardware

damage.

Caution

Alerts you to the risk of personal injury or death.Warning

Alerts you to the risk of personal injury from a laser.Laser warning

Indicates helpful information.Tip

Alerts you to a recommended use or implementation.Best practice

Table 2 on page x defines the text and syntax conventions used in this guide.

Table 2: Text and Syntax Conventions

ExamplesDescriptionConvention

To enter configuration mode, type

the configure command:

user@host> configure

Represents text that you type.Bold text like this

user@host> show chassis alarms

No alarms currently active

Represents output that appears on

the terminal screen.

Fixed-width text like this

•

A policy term is a named structure

that defines match conditions and

actions.

•

Junos OS CLI User Guide

•

RFC 1997, BGP Communities

Attribute

•

Introduces or emphasizes important

new terms.

•

Identifies guide names.

•

Identifies RFC and Internet draft

titles.

Italic text like this

Table 2: Text and Syntax Conventions (continued)

ExamplesDescriptionConvention

Configure the machine’s domain

name:

[edit]

root@# set system domain-name

domain-name

Represents variables (options for

which you substitute a value) in

commands or configuration

statements.

Italic text like this

•

To configure a stub area, include

the stub statement at the [edit

protocols ospf area area-id]

hierarchy level.

•

The console port is labeled

CONSOLE.

Represents names of configuration

statements, commands, files, and

directories; configuration hierarchy

levels; or labels on routing platform

components.

Text like this

stub <default-metric metric>;Encloses optional keywords or

variables.

< > (angle brackets)

broadcast | multicast

(string1 | string2 | string3)

Indicates a choice between the

mutually exclusive keywords or

variables on either side of the symbol.

The set of choices is often enclosed

in parentheses for clarity.

| (pipe symbol)

rsvp { # Required for dynamic MPLS

only

Indicates a comment specified on the

same line as the configuration

statement to which it applies.

# (pound sign)

community name members [

community-ids ]

Encloses a variable for which you can

substitute one or more values.

[ ] (square brackets)

[edit]

routing-options {

static {

route default {

nexthop address;

retain;

}

Identifies a level in the configuration

hierarchy.

Indention and braces ( { } )

Identifies a leaf statement at a

configuration hierarchy level.

; (semicolon)

GUI Conventions

Table 2: Text and Syntax Conventions (continued)

ExamplesDescriptionConvention

•

In the Logical Interfaces box, select

All Interfaces.

•

To cancel the configuration, click

Cancel.

Represents graphical user interface

(GUI) items you click or select.

Bold text like this

In the configuration editor hierarchy,

select Protocols>Ospf.

Separates levels in a hierarchy of

menu selections.

> (bold right angle bracket)

Documentation Feedback

We encourage you to provide feedback so that we can improve our documentation. You can use either

of the following methods:

•

Online feedback system—Click TechLibrary Feedback, on the lower right of any page on the Juniper

Networks TechLibrary site, and do one of the following:

•

Click the thumbs-up icon if the information on the page was helpful to you.

•

Click the thumbs-down icon if the information on the page was not helpful to you or if you have

suggestions for improvement, and use the pop-up form to provide feedback.

•

E-mail—Send your comments to [email protected]. Include the document or topic name,

URL or page number, and software version (if applicable).

Requesting Technical Support

Technical product support is available through the Juniper Networks Technical Assistance Center (JTAC).

If you are a customer with an active Juniper Care or Partner Support Services support contract, or are

xii

covered under warranty, and need post-sales technical support, you can access our tools and resources

online or open a case with JTAC.

•

JTAC policies—For a complete understanding of our JTAC procedures and policies, review the JTAC User

Guide located at https://www.juniper.net/us/en/local/pdf/resource-guides/7100059-en.pdf.

•

Product warranties—For product warranty information, visit https://www.juniper.net/support/warranty/.

•

JTAC hours of operation—The JTAC centers have resources available 24 hours a day, 7 days a week,

365 days a year.

Self-Help Online Tools and Resources

For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called

the Customer Support Center (CSC) that provides you with the following features:

•

Find CSC offerings: https://www.juniper.net/customers/support/

•

Search for known bugs: https://prsearch.juniper.net/

•

Find product documentation: https://www.juniper.net/documentation/

•

Find solutions and answer questions using our Knowledge Base: https://kb.juniper.net/

•

Download the latest versions of software and review release notes:

https://www.juniper.net/customers/csc/software/

•

Search technical bulletins for relevant hardware and software notifications:

https://kb.juniper.net/InfoCenter/

•

Join and participate in the Juniper Networks Community Forum:

https://www.juniper.net/company/communities/

•

Create a service request online: https://myjuniper.juniper.net

To verify service entitlement by product serial number, use our Serial Number Entitlement (SNE) Tool:

https://entitlementsearch.juniper.net/entitlementsearch/

Creating a Service Request with JTAC

You can create a service request with JTAC on the Web or by telephone.

•

Visit https://myjuniper.juniper.net.

•

Call 1-888-314-JTAC (1-888-314-5822 toll-free in the USA, Canada, and Mexico).

For international or direct-dial options in countries without toll-free numbers, see

https://support.juniper.net/support/requesting-support/.

xiii

CHAPTER

Overview

SRX380 Services Gateway Overview | 15

SRX380 Chassis | 17

SRX380 Cooling System | 23

SRX380 Power System | 23

SRX380 Services Gateway Overview

IN THIS SECTION

Overview | 15

SRX380 Services Gateway FRUs | 16

Benefits of the SRX380 Services Gateway | 16

Overview

The Juniper Networks SRX380 Services Gateway consolidates security, routing, and switching to provide

an all-in-one networking platform for software-defined WAN (SD-WAN) and next-generation firewall

(NGFW) deployments. The SRX380 is designed for enterprise (large branch offices, small campus, SD-WAN)

and service provider (managed WAN CPE, SD-WAN) deployments.

The SRX380 Services Gateway is 1 rack unit (U) tall and provides high port density with 16 on-board

PoE-enabled 1-Gigabit Ethernet ports and 4 10-Gigabit Ethernet ports that support small form-factor

pluggable plus (SFP+) transceivers. All the ports support AES-256 MACsec encryption. The SRX380 has

a 100 GB on-board Serial Advanced Technology Attachment (SATA) solid-state drive (SSD).

The SRX380 supports dual power supplies and up to four Mini-Physical Interface Modules (Mini-PIMs).

Figure 1 on page 15 shows the SRX380 Services Gateway.

Figure 1: SRX380 Services Gateway

g100932

Key features supported on the SRX380 include VPN, Intrusion Detection and Prevention (IDP), AppSecure,

Juniper Networks Sky Advanced Threat Prevention (Sky ATP), and UTM. For more information about the

features supported on the SRX380 Services Gateway, see Feature Explorer.

You can manage the SRX380 Services Gateway by using the same interfaces that you use for managing

other devices that run Junos OS—the CLI, the J-Web graphical interface, and Junos Space.

The first supported version of Junos OS for the SRX380 Services Gateway is Release 20.1R1.

This video provides a brief overview of the SRX380.

Video: SRX380 Hardware Overview

SRX380 Services Gateway FRUs

Field-replaceable units (FRUs) are components that you can replace at your site. The FRUs in the SRX380

Services Gateway are:

•

Power supplies

If only one power supply is installed in your device, you must power off the device before removing the

power supply.

•

Mini-PIMs

The Mini-PIMs are not hot-swappable. You must power off the device before removing or installing

Mini-PIMs.

NOTE: If you have a Juniper J-Care service contract, register any addition, change, or upgrade

of hardware components at https://www.juniper.net/customers/support/tools/updateinstallbase/.

Failure to do so can result in significant delays if you need replacement parts. This note does

not apply if you replace existing components with the same type of component.

Benefits of the SRX380 Services Gateway

•

Multiple WAN connectivity options—The SRX380 supports multiple options such as Ethernet, serial,

T1/E1, VDSL2, Wi-Fi, and 3G/4G LTE wireless for WAN or Internet connectivity to link sites.

•

Comprehensive security—The SRX380 provides security in every layer with AES-256 MACsec encryption,

IPS, UTM, Juniper Sky Advanced Threat Prevention, and Application Security for protection against

potential vulnerabilities.

SRX380 Chassis

IN THIS SECTION

SRX380 Chassis Overview | 17

SRX380 Front Panel | 17

SRX380 Back Panel | 21

SRX380 Interface Modules Overview | 22

The SRX380 Services Gateway chassis is a rigid sheet metal structure that houses all of the other

components.

SRX380 Chassis Overview

The SRX380 chassis installs in standard 800–mm (or larger) enclosed cabinets, 19-in. equipment racks, or

telecommunications open-frame racks.

CAUTION: Before removing or installing components of a functioning services gateway,

attach an electrostatic discharge (ESD) strap to an ESD point and place the other end

of the strap around your bare wrist. Failure to use an ESD strap could result in damage

to the device.

The services gateway must be connected to earth ground during normal operation. The protective earthing

terminal on the side of the chassis is provided to connect the services gateway to ground.

SRX380 Front Panel

Figure 2 on page 18 shows the front panel of the SRX380. Table 3 on page 18 provides details about the

front panel components.

Figure 2: SRX380 Services Gateway Front Panel

g100930

ALARM

PWR

mPIM1

mPIM2

mPIM3

mPIM4

mPIM

T TS

3 4

0 / 8 0/9 0 / 10 0/ 11 0 / 12 0 / 13 0 / 14 0/ 15 0 / 16 0 / 17 0/ 18 0 / 19

6791011 8

Table 3: SRX380 Services Gateway Front Panel Components

DescriptionComponentCallout

Indicate component and system status.LEDs1

Returns the services gateway to the rescue configuration or

the factory-default configuration.

Reset Config button2

Accepts a Mini-B type USB cable plug. A USB cable with

Mini-B and Type A USB plugs is supplied with the services

gateway. To use the mini-USB console port, you must

download a USB driver to the management device from the

Downloads page at

https://www.juniper.net/support/downloads/?p=junos-srx#sw.

To download the driver for Windows OS, select 6.5 from the

Version drop-down list.

To download the driver for Mac OS, select 4.10 from the

Version drop-down list.

Mini-USB console port3

Four slots for Mini-PIMs, which can provide LAN and WAN

functionality along with connectivity to various media types.

Mini-PIM slots4

ESD outlet5

Four 1 or 10-Gigabit Ethernet SFP or SFP+ ports for network

traffic.

1-Gigabit Ethernet or

10-Gigabit Ethernet SFP

or SFP+ ports

Table 3: SRX380 Services Gateway Front Panel Components (continued)

DescriptionComponentCallout

Sixteen 1-Gigabit Ethernet LAN ports that are PoE-enabled.

The ports have the following characteristics:

•

Use an RJ-45 connector

•

Operate in full-duplex and half-duplex modes

•

Support autonegotiation

The ports can be used to:

•

Function as front-end network ports

•

Provide LAN and WAN connectivity to hubs, switches,

local servers, and workstations

•

Forward incoming data packets to the services gateway

•

Receive outgoing data packets from the services gateway

1-Gigabit Ethernet ports7

Use the management (MGMT) port to connect to the device

over the network.

Management port8

One USB port that accepts a USB storage device.USB port9

Supports RS-232 serial ports.RJ-45 console port10

Use the Power button to shut down the services gateway.Power button11

NOTE: The SRX380 ships with tamperproof labels for the Mini-PIM slots and SSD slots.

Chassis Status LEDs

Figure 3 on page 20 shows the LEDs on the front panel of the SRX380.

Figure 3: SRX380 Services Gateway Front Panel LEDs

g100931

T T

Table 4 on page 20 lists the front panel LEDs.

Table 4: SRX380 Services Gateway Front Panel LEDs

DescriptionComponent

•

Solid amber (noncritical alarm)

•

Solid red (critical alarm)

•

Off (no alarms)

ALARM

•

Solid green (operating normally)

•

Solid red (error detected)

STAT

•

Solid green (receiving power)

•

Solid amber (Power-off triggered)

•

Off (no power)

PWR

•

Solid green (all HA links are available)

•

Solid amber (some HA links are unavailable)

•

Solid red (HA links are not functional)

•

Off (HA is disabled)

•

Solid green (Mini-PIM is functioning normally)

•

Solid red (Mini-PIM hardware failure)

•

Off (Mini-PIM is not installed or Mini-PIM is not

detected by the device)

mPIM1, mPIM2, mPIM3, and mPIM4

Management Port and Network Port LEDs

The management port and network port have two LEDs each that indicate the link activity and status of

the ports. Figure 4 on page 21 shows the LEDs.

Table 5 on page 21 describes the management port and network port LEDs.

Page is loading ...

Juniper SRX380 User manual

Brand: Juniper

Model: SRX380

Category: Gateways/controllers

Type: User manual

Download PDF

report

Juniper SRX380 User manual

Juniper SRX380 User manual

Related papers

Other documents