# Juniper Switching CLI & J-Web - A Collection This page is for the Juniper Switching CLI or J-Web interfaces which don't all need separate pages. You can search for them with **Ctrl + F** or click the "Search" at the top. **The terminology used in this documentation is listed below:** • **Run** – Run the command and press enter. No other interaction needed. No output will appear. • **Type** – Type a word, most of the time being Boolean (yes/no, true/false). ##### **Configuring Virtual Chassis EX Series** ***Taken from:** [https://www.juniper.net/documentation/us/en/software/junos/virtual-chassis-qfx/topics/concept/virtual-chassis-ex4200-overview.html#understanding-ex-series-virtual-chassis\_\_d2126e1405](https://www.juniper.net/documentation/us/en/software/junos/virtual-chassis-qfx/topics/concept/virtual-chassis-ex4200-overview.html#understanding-ex-series-virtual-chassis__d2126e1405)* **Sadly, this takes you to a PDF and you need to use Wayback machine to get the snapshot of: ** *https://web.archive.org/web/20231201042147/https://www.juniper.net/documentation/us/en/software/junos/virtual-chassis-ex-4200-4500/topics/task/virtual-chassis-ex4200-cli.html* ##### **Enabling J-Web Interface** Connect the COM cable or use the IP address of the system and SSH to it. Login as normal. Run **cli** Run **edit** Run **delete interfaces** Run **set interfaces vlan.0 family inet address 192.192.0.x** *(replacing x with the end IP for the management interface)* Run **commit** Wait for synchronization to complete. **Description:** We have removed all interfaces and configured the **vlan.0** interface to **192.192.0.x**, x being the end of the switches management IP address temporarily. Without this being set, the switch will complain that no interfaces have been configured for vlan.0. ***Taken from:** [https://supportportal.juniper.net/s/article/Interface-must-already-be-defined-under-edit-interfaces-commit-error?language=en\_US](https://supportportal.juniper.net/s/article/Interface-must-already-be-defined-under-edit-interfaces-commit-error?language=en_US) * Run **set interfaces vme unit 0 family inet address 192.168.0.x/<subnet>** *(replacing x with the IP for management interface, the vme IP)* Run **set system services ssh root-login allow** Run **set system services web-management management-url 192.168.0.x/root** *(replacing x with the IP for management interface web portal, same as the vme IP set earlier)* Run **set system services web-management http interface vme** Run **set system services web-management https port 443** Run **set system services web-management https system-generated-certificate** Run **set system services web-management https interface vme** Run **commit** Wait for synchronization to complete. **Description:** We have updated the management interface, J-Web, to show the webpage instead of “Connection Refused”. This is believed to be happening because of it binding the interface to me0, not vme, which is the virtual chassis interface. Citation Needed. ##### **Switching Between Primary Master & Backup Switches** Connect the COM cable or use the IP address of the system and SSH to it. Login as normal. ***Taken from:*** *https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/command/request-chassis-routing-engine-master.html* Run **cli** Run **request chassis routing-engine master switch** Type **yes** You will be disconnected after about 1-2 seconds on the switch you are connected on (either master or backup) and you will need to wait around 5 minutes before issuing this command again. ##### **Save Time With Making Synchronize Default** This section allows you to set the command commit to always run commit synchronize without you needing to write that word afterwards. Connect the COM cable or use the IP address of the system and SSH to it. Login as normal. Run **cli** Run **edit** Run **set system commit synchronize** Run **commit synchronize** On next command run of commit, it will run commit synchronize. This should be visibly apparent that it worked as you will see fpc0 and fpc1 sync along the left when committing between them when in virtual-chassis mode. ##### **Switching ROM On Switch** Connect the COM cable to the switch you wish to switch ROM on. This is good for getting to a different firmware version if it decided to downgrade due to not being the same, configuration resync or getting back from Linecard to Master/Backup due to version issue. **Note:** Due to the command **request session member X**, a COM cable isn’t required. Run **request system reboot slice alternate media internal** Type **yes** Wait for switch to restart. This will countdown on 60 seconds, 30 seconds and immediately, respectively. ##### **Syncing Current ROM With Redundant ROM** SSH or connect the COM cable and run the command below to sync the current system configuration and OS version to the redundant ROM **AND** between both the fpc0 and fpc1. Run **cli** Run **edit** Run **run request system snapshot slice alternate** ##### **Get Full System Info From Both Switches (Virtual Chassis)** Obtain the system information from both switches such as the state, temperature, memory and CPU usage, model, serial number and last reboot reason. Run **cli** Run **show chassis routing-engine** ##### **Login To Alternative Switch In CLI Mode For Logs/Configuration** To get into an additional member of the virtual chassis, you can run the below command to access it instead of running the switch routing-engine command. For example, member 0 is top switch, member 1 is bottom switch if running in a 2 system virtual-chassis. Replace X with the switch member number. For locating the number, you can Run show virtual-chassis to view member numbers. Run **cli** Run **request session member x** ##### **Enabling SNMP v3 on Juniper 4200/4500 switches** ```markdown set snmp v3 vacm security-to-group security-model usm security-name group read-only-group set snmp v3 vacm access group read-only-group default-context-prefix security-model usm security-level privacy read-view read-only-view commit comment "Preparation For SNMPv3" set snmp v3 usm local-engine user authentication-sha authentication-password "" set snmp v3 usm local-engine user privacy-aes128 privacy-password "" set snmp view read-only-view oid .1 include show snmp commit comment "Setup SNMPv3 For " ```

For TenantOS, the settings to select are below: ![](https://jasmeow.pics/NvnjOC.png)

##### **Setup Syslog to an endpoint IP listening for Syslog data** ```markdown set system syslog host any any set system syslog file messages any any commit comment "Activate Syslog Data Collection" ``` ##### **Installing LLDPD to get data from the port connected and query the switch** Using this will tell you all the connection information from the switch, such as what port, what the switch name is, vlans it's providing to you, etc. apt install lldpd -y && / lldpctl ##### **Need to rename a VLAN on the switch and need to find out which members are in that VLAN so you can delete it safely?** This can also be used to prepare who has duplicate VLAN names such as "ClientVlan" and "Vlan.3" basically meaning, it has the named version of vlan 3 and the numerical version. Running this command helps you clear out those "named vlan" problems which originate by making the vlans on the JWeb interface before being comfortable with CLI. This will then give you the chance to rename a vlan later on with rename vlan command, etc. ```markdown cli -c "show configuration interfaces | display set" | grep "family ethernet-switching vlan members " | awk '{print "delete", $2, $3, $4, $5, $6, $7, "vlan members "}' > /var/tmp/.conf ```