Users may find that an EX Series switch running Junos OS Release 12.3R12-S12 is unable to negotiate properly with Sky Enterprise, and as a result, the device is showing as offline.

This article explains why this happens and what must be done to not run into this problem.

 

The following symptom is observed:

• The EX switch is running Junos OS release 12.3R12-S12.

• The EX device is added on Sky Enterprise.

• The configlet is copied and pasted on the EX switch and the configuration committed.

• A "connected" response is seen when a telnet to skyent-ncd01.juniper.net port 4087 is performed.

• The server shows that the device is offline.

• From the EX switch, when performing a show system connections | match 4087, no values are returned.

 

The configlet shows the login user "skyenterprise" with a plain-text-password hash beginning with $6$. When a plain-text-password uses the SHA-512 hash, the encrypted-password hash will begin with $6$. On EX switches that are running Junos OS Release 12.3R12 and earlier, only MD5 hash is supported even though the configuration commits without an error.

 

Since EX switches running Junos OS Release 12.3R12 and earlier only support MD5 hash, when adding a device, the optional check box "Allow legacy MD5 passwords" needs to be selected. For these devices, the following procedure must be followed:

1. From the device tab, delete the existing device. 

2. Click the +Add Device button.

3. In the Add Device dialog box, select the "Show Optional Fields?" check box, scroll down, and select the "Allow legacy MD5 passwords" check box.

4. Click Create Device.

5. Copy the configlet, paste it into the EX device, and commit the configuration.

The device will now be able to communicate to Sky Enterprise, and the device will show as Online.