Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EOL/EOE] How to configure the remote Backup on NSM



Article ID: KB12555 KB Last Updated: 18 Oct 2020Version: 5.0
Note: A product listed in this article has either reached hardware End of Life (EOL) OR software End of Engineering (EOE).  Refer to End of Life Products & Milestones for the EOL, EOE, and End of Support (EOS) dates.
This article provides information on how to configure the remote backup for NSM.
How to configure the remote backup on NSM under the NSM user or root.
It is recommended to change NSM to run as the nsm user, prior to configuring the remote backup. This change is required, only if you are using NSM 2007 or earlier. For more information, refer to KB4594 - How Do I Run the NSM Processes as a Non-Root User?

For NSM 2008 or later, you should be using the nsm user.  This user will need to be created on the remote system.
  1. Configure a trust relationship between the NSM server and the remote backup system. For more information, refer to KB11653 - How to create a trust relationship between two servers (if in HA, make sure to append, instead of replacing, authorized_keys).

  2. Create the /var/netscreen/dbbackup folder on the Remote Server and ensure that the user ID being used (either nsm or root) is the owner of /var/netscreen.
    Note: rsync must be installed on the Remote Server.

    In the HA setup, to back up both the systems to the same destination, create 2 different destinations - /var/netscreen/dbbackup and /var/netscreen/dbbackup2.
  3. Edit /usr/netscreen/HaSvr/var/haSvr.cfg and change the following lines:
    highAvail.isRemoteDbBackupReplicationEnabled      n     (Change to   y)
    highAvail.remoteSyncIp                            ""   (Remove "" and enter the remote server IP)
    If in HA, modify the backup destination on one system:
    highAvail.pathDbBackup       /var/netscreen/dbbackup   (Change to /var/netscreen/dbbackup2 on the secondary)
  4. Restart the HaSvr process:
    /etc/init.d/haSvr restart
  5. Test the replication by using the following command:
To troubleshoot any errors, check errorlog /usr/netscreen/HaSvr/var/errorLog/backup.log.
Modification History:
2020-10-18: Tagged article for EOL/EOE.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search