cancel
Showing results for 
Search instead for 
Did you mean: 

How to restore MAG2600

Highlighted
Occasional Contributor

How to restore MAG2600

Hello everybody. I've just messed up with importing configuration from SA 700. First of all i had exported "Configuration" and "Users" from SA 700 and succesfully imported it into MAG2600. All was working good. But then i went into "Import/Export" and decided to export some settings from there too (such as policies and roles). But i forgot to deselect "System settings" so i've imported them into my MAG2600 and after that it stopped working. (i cant even ping it now). The problem is, that all this appliance is in another city, so i cant even connect to it via serial cable. How can i restore older settings? Or it's the only option now to reset it to the factory?

4 REPLIES 4
Highlighted
Regular Contributor

Re: How to restore MAG2600

Yes follow the high level steps mentioned in that guide. The important steps for your use case will be:

1. Make sure the SA700 and MAG 2600 are on same software versions.

2. When importing into MAG2600 first configure the MAG2600's network settings manually. Then when you import system.cfg select the option highlighted in the guide; its important to get this right. (and select/deselect the import device cert. based on your requirement).

3. After this import the user.cfg (you will now need an admin account that was present in the config you imported)

4. You are moving from SA700 so there will be no clustering involved and you can ignore the cluster steps mentioned in the doc.

Note: Make sure you have serial console access.



Highlighted
Regular Contributor

Re: How to restore MAG2600

I'm guessing as part of the second import the network settings that got imported have made the box unreachable due to invalid network settings. If it was just an IP change (i.e. subnet, gateway, etc is same and valid) then you can try the IP that was present in the imported config. There is no other recovery mechanism other than connecting via serial.

Highlighted
Respected Contributor

Re: How to restore MAG2600

Another option, to reduce the risk of invalid import on the system config, is to do the import at system > configuration > device certificates > import certificate & key. This, the certificate, is the only item needed for a move like what you are describing. The user.cfg has everything else you need & don't want to miss.
Never do XML for this
Highlighted
Occasional Contributor

Re: How to restore MAG2600

You are right, there was network settings from SA700, so MAG becomes unavailable to log in remotly. And unfortunately this import caused a significant problem with the MAG VPN device (my friend from that city, where MAG is standing could not even restore default settings using serial cable). I dont know more details, but he returned it into Juniper for replacement.

So i have 1 question. Can you please tell me what kind of settings i can safely export from SA700 and import into MAG2600?

I need to make the same copy of SA700 by functionality, so will it be enough to import only "Configuration" and "Users" (Like it is described in this guide http://www.juniper.net/techpubs/software/ive/guides/howtos/SA-to-MAG-Upgrade-Guide.pdf )?I need all user roles, realms, policies, etc. from my old SA700 device. Or i should import "Configuration", "Users" and then select all other settings from "XML Import/Export" tab except "System settings" and "Junos Pulse" ?

Thank you!