Juniper SRX - Sanitize Configuration Before Migrate

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
L7 Applicator
50% helpful (1/2)

Generate the XML configuration by running this command from the CLI

 

show configuration | display xml | no-more

 

Before you import a Juniper SRX into Expedition, there are some manual checks we can do to verify the migration will work.

 

  1. The configuration must start only with <configuration> tag, you have to replace everything before or inside that tag by only <configuration>
  2. The configuration must end with </configuration> any other text after it must be removed

        Here's an example on how a SRX config should look when you edit:

 

<configuration>
....
....
</configuration>

 

  • For integrity validation is a good practice try to open the XML file from FIREFOX browser becasue if something is breaking the XML integretity FIREFOX will notice to you which line has an invalid character. You must replace the invalid character before upload it to Expedition

This is an example of wrong configuration. It seems someone created the file but stored with wrong jumps on it, so Firefox will complain about the format.

 

    srxfail.png

If we edit the file, we can see this at line 911 of the config file:

 

<pre-shared-key>
<ascii-text>$9$4xxxxxxxxxxxx</asc
ii-text>
</pre-shared-key> 

 

To fix this example, we have to remove the break line after </asc to:

 

<pre-shared-key>
<ascii-text>$9$4xxxxxxxxxxxx</ascii-text>
</pre-shared-key> 

Fix all the problems before importing into Expedition.

 

Hope this helps.

Rate this article:
Comments
L0 Member

Hi I tried doing  the same and able to open the file in the firefox without any error ,but when i load in expedition im getting xml remove attributes in the configuration tag  and not loading .

 

XML file opens perfectly in all the browsers without any error ...Please advice

L0 Member

I would suggest using an online XML viewer to see what is broken in the XML, such as :

 

https://codebeautify.org/xmlviewer

  • 20170 Views
  • 2 comments
  • 1 Likes
Register or Sign-in
Contributors
Article Dashboard
Version history
Last Updated:
‎10-07-2019 08:31 AM
Updated by:
Retired Member