Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


https://www.juniper.net/documentation/en_US/release-independent/nce/topics/example/nce-177-using-mist-with-ex-switches-example.html#jd0e32






Organization > Inventory 


Organization > Inventory > Select the Site > "Click "Adopt Switches"


Check ssh session

show configuration system services outbound-ssh

oc-term.mistsys.net  and SSH port: port 2200;


Code Block
titleoutbound ssh
root@srx320-np> show configuration system services outbound-ssh
client mist {
    device-id <organization-id>.<mac-address>;
    secret "$........Ap0"; ## SECRET-DATA
    keep-alive {
        retry 3;
        timeout 5;
    }
    services netconf;
    oc-term.mistsys.net {
        port 2200;
        retry 1000;
        timeout 60;
    }
}





Code Block
titlenslookup
nslookup  oc-term.mistsys.net

Non-authoritative answer:
Name:    ab847c3d0fcd311e9b3ae02d80612151-659eb20beaaa3ea3.elb.us-west-1.amazonaws.com
Addresses:  13.56.90.212
          13.56.90.212
Aliases:  oc-term.mistsys.net





Code Block
titleshow
collapsetrue
root@srx320-np> show system connections | match 13.56.90.212
tcp4       0      0  192.168.0.204.56360   

root@srx320-np> show system connections | match 2200
tcp4       0      0  192.168.0.204.56360                           13.56.90.212.2200                             ESTABLISHED


root@srx320-np> show system connections
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address                                 Foreign Address                               (state)
tcp4       0      0  192.168.0.204.22                              192.168.0.203.56768                           ESTABLISHED
tcp4       0     48  192.168.0.204.22                              192.168.0.203.56767                           ESTABLISHED
tcp4       0      0  192.168.0.204.56360                           13.56.90.212.2200                             ESTABLISHED
tcp4       0      0  192.168.0.204.22                              192.168.0.203.55477                           ESTABLISHED
tcp4       0      0  192.168.0.204.22                              192.168.0.203.55476                           ESTABLISHED
tcp4       0      0  *.22  


show system connections extensive | find 13.56.90.212

Code Block
titleextended
collapsetrue

root@srx320-np> show system connections extensive | find 13.56.90.212
tcp4       0      0  192.168.0.204.56360                           13.56.90.212.2200                             ESTABLISHED
   sndsbcc:          0 sndsbmbcnt:          0  sndsbmbmax:     263856
sndsblowat:       2048 sndsbhiwat:      32982
   rcvsbcc:          0 rcvsbmbcnt:          0  rcvsbmbmax:     527712
rcvsblowat:          1 rcvsbhiwat:      65964
   proc id:          1  proc name:
       iss: 1631025522      sndup: 1631235313
    snduna: 1631235313     sndnxt: 1631235313      sndwnd:     570368
    sndmax: 1631235313    sndcwnd:       2868 sndssthresh: 1073725440
       irs: 2967610863      rcvup: 2967735408
    rcvnxt: 2967735444     rcvadv: 2967801408      rcvwnd:      65964
       rtt:          0       srtt:       4866        rttv:        180
    rxtcur:       1200   rxtshift:          0       rtseq: 1631235245
    rttmin:       1000  mss:       1434
     flags: NODELAY REQ_SCALE RCVD_SCALE REQ_TSTMP RCVD_TSTMP SACK_PERMIT [0x120003e4]
tcp46      0      0  *.443                                         *.*                                           LISTEN
   sndsbcc:          0 sndsbmbcnt:          0  sndsbmbmax:     262144
sndsblowat:       2048 sndsbhiwat:      32768
   rcvsbcc:          0 rcvsbmbcnt:          0  rcvsbmbmax:     524288
rcvsblowat:          1 rcvsbhiwat:      65536
   proc id:          5  proc name:
       iss:          0      sndup:          0
    snduna:          0     sndnxt:          0      sndwnd:          0
    sndmax:          0    sndcwnd: 1073725440 sndssthresh: 1073725440
       irs:          0      rcvup:          0
    rcvnxt:          0     rcvadv:          0      rcvwnd:          0
       rtt:          0       srtt:          0        rttv:      12000
    rxtcur:       3000   rxtshift:          0       rtseq:          0
    rttmin:       1000  mss:       1024
     flags: NODELAY REQ_SCALE REQ_TSTMP [0x20000a4]
tcp4       0      0  *.443                                         *.*                                           LISTEN
   sndsbcc:          0 sndsbmbcnt:          0  sndsbmbmax:     262144
sndsblowat:       2048 sndsbhiwat:      32768
   rcvsbcc:          0 rcvsbmbcnt:          0  rcvsbmbmax:     524288
rcvsblowat:          1 rcvsbhiwat:      65536
   proc id:          2  proc name:
       iss:          0      sndup:          0
    snduna:          0     sndnxt:          0      sndwnd:          0
    sndmax:          0    sndcwnd: 1073725440 sndssthresh: 1073725440
       irs:          0      rcvup:          0
    rcvnxt:          0     rcvadv:          0      rcvwnd:          0
       rtt:          0       srtt:          0        rttv:      12000
    rxtcur:       3000   rxtshift:          0       rtseq:          0
    rttmin:       1000  mss:        512
     flags: NODELAY REQ_SCALE REQ_TSTMP [0x20000a4]









Code Block
titlebasic config
if using DHCP no need for name-server:

set system host-name Switch-1
set system root-authentication plain-text-password
set system time-zone Europe/London
set system ntp server uk.pool.ntp.org
delete chassis auto-image-upgrade
set system services ssh root-login allow




Code Block
titlepaste the script
set system services ssh protocol v2
set system authentication-order password
set system login user mist class super-user
set system login user mist authentication encrypted-password $6$8SKrI1BgRFgrPsLh$HSd7.Fp4DpE8yxghtB1
set system services outbound-ssh client mist device-id b3d4205f-fe87-47f7-99e4-b163bf6ff92e
set system services outbound-ssh client mist secret b6880b89c5153da86491c3060a3fad02641b400535ad25872f
set system services outbound-ssh client mist services netconf keep-alive retry 3 timeout 5
set system services outbound-ssh client mist oc-term.mistsys.net port 2200 timeout 60 retry 1000


...