Monday, January 31, 2011

Resetting Netscreen Device (Juniper Firewall)

While thinking to start working on juniper, when I picked up Juniper Firewall (Netscreen-50) I was unable to login using the default username and password i.e. Netscreen and Netscreen, Now I had to reset the device in order to get in and enjoy configuring Juniper Firewall but same time you will loss all your configuration. When I consult the Netscreen-50 manual, I got two ways which can be used to reset the firewall, let’s look at the both ways:

1. Using RESET Button

a) On you device near power switch there is a small pinhole which can be used to reset you device.

b) Use a small paper pin or any other narrow pin and insert that into this pinhole and push, while pushing the status of the LED will turn into AMBER

c) Now after releasing the status will turn into GREEN

d) Now wait for two to three seconds

e) After that insert the pin into pinhole again and press for five to six seconds when the status of LED turn into RED, release you pin

f) Now your device will resets into the default factory settings.

g) Now you can enter into your device using the default username (Netscreen) and password (Netscreen)

2. Using Device Serial Number

a) This just needs your device to connect using consol cable.

b) We can also reset our device using the device serial number, note down the serial number from the back of the device.

c) Enter the serial number at the login prompt like

Login: 000099991111 (example)
d) Again enter the same number at the password prompt

Password: 000099991111

!!! lost password reset/!! you ha ye initiated a command to reset the device to factory defaults, clearing ah current configuration, keys and settings. would you like to continue? y/in!

Enter Y

Again you will see the following message:

!! reconfirm lost password reset 111fyou continue, the entire configuration of the device will be erased. in addition, a permanent counter will be incremented to signify that this device has been reset. this is your last chance to cancel this command. if you proceed, the device will return to factory default configuration, which is: system ip: 192.188.1.1; username: netscreen;password' netscreen. would you like to continue? y/[n]

Enter Y

Now you can login using the default username and password. The device recovery feature is enable by default but we can disable it by using following command:

unset admin device-reset

I hope this will be informative for you.

Cheers :)

Monday, January 10, 2011

Low Heap Memory Size Configuring IPS using SDM

To have a secure network we must be aware of the technologies which can really help us in securing our network, I was studying CCNA-Security last day and a task was about to perform on Cisco router, “Implementing Router Based IPS”. In my case I took 1841 series router and access through SDM. when I select IPS from the left panel I got the following message……….! Banggggg :(

“Your current Java memory heap size is less than 256MB, the amount required for IOS to run. To change the Java memory heap size, open the java control panel and enter -Xmx256m in the Java Applet Runtime Settings dialog. This dialog is in the Java tab, or in the Advance tab of the Java control panel. After you have changed the Java heap size, restart Cisco SDM”.

I consult Google and SDM help so got the solution, Its very simple just follow the following steps:

1. Select START, click on Control Panel

2. Double Click on JAVA

3. Click on ADVANCE tab, and Click on “Java Runtime” if you not able to see this then follow Step-4

4. Click on JAVA tab and click on “View” under “Java Applet Runtime Settings”

5. In the window under “Java Runtime Parameters” write down “-Xmx256m”.

6. Click OK

7. Click Apply and OK

8. Restart your SDM

9. Enjoy IPS Configuration :)

I hope this will be informative for you :)