Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] Can the NetScreen firewall be upgraded without any network interruption?

0

0

Article ID: KB3964 KB Last Updated: 05 Oct 2019Version: 5.0
Summary:

Can a ScreenOS firewall be upgraded without any network interruption?

Solution:

When the ScreenOS version is upgraded, the firewall is reset after the new ScreenOS image has been loaded to flash. Once the reset completes, the new ScreenOS image becomes the running ScreenOS image.

During the reset, all the existing sessions will be affected, essentially cleared momentarily, until the firewall completes its reboot process. The time is dependent on factors like the size of the configuration to load once the device resets.

Once the firewall completes its reboot process, all existing sessions will have to be re-established again.

Therefore, when a firewall is in HA mode, it is worth performing the following steps:

1) Upgrade the slave unit first.

2) Wait at least 30 minutes for all new sessions to get synchronized to the slave.

3) Manually failover to the slave (Slave becomes the new Master)

4) Upgrade ScreenOS on the original master (new slave)

5) If you want the slave and master to swap back to their original order, perform another failover.



Here is the problem or goal:

  • Can the ScreenOS firewall be upgraded without any network interruption?

Applicable Products:

  •  SSG devices
  •  ISG1000s and ISG2000s
  • NS-5200s and NS-5400s

Applicable ScreenOS:

  • 6.3.0

 
Modification History:
2091-10-05: Removed unsupported devices and ScreenOS versions.
 
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search