Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Sky Enterprise] Unable to connect to Sky Enterprise from EX switch running Junos OS 12.3R12-S12

0

0

Article ID: KB36083 KB Last Updated: 15 Jul 2020Version: 1.0
Summary:

Users may find that an EX Series switch running Junos OS Release 12.3R12-S12 is unable to negotiate properly with Sky Enterprise, and as a result, the device is showing as offline.

This article explains why this happens and what must be done to not run into this problem.

 

Symptoms:

The following symptom is observed:

  • The EX switch is running Junos OS release 12.3R12-S12.

  • The EX device is added on Sky Enterprise.

  • The configlet is copied and pasted on the EX switch and the configuration committed.

  • A "connected" response is seen when a telnet to skyent-ncd01.juniper.net port 4087 is performed.

  • The server shows that the device is offline.

  • From the EX switch, when performing a show system connections | match 4087, no values are returned.

 

Cause:

The configlet shows the login user "skyenterprise" with a plain-text-password hash beginning with $6$. When a plain-text-password uses the SHA-512 hash, the encrypted-password hash will begin with $6$. On EX switches that are running Junos OS Release 12.3R12 and earlier, only MD5 hash is supported even though the configuration commits without an error.

 

Solution:

Since EX switches running Junos OS Release 12.3R12 and earlier only support MD5 hash, when adding a device, the optional check box "Allow legacy MD5 passwords" needs to be selected. For these devices, the following procedure must be followed:

  1. From the device tab, delete the existing device. 

  2. Click the +Add Device button.

  1. In the Add Device dialog box, select the "Show Optional Fields?" check box, scroll down, and select the "Allow legacy MD5 passwords" check box.

  1. Click Create Device.

  2. Copy the configlet, paste it into the EX device, and commit the configuration.

The device will now be able to communicate to Sky Enterprise, and the device will show as Online.

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search