This tutorial explains how to return the configuration on a SRX firewall to the factory default version.
Using the Reset Config Button
You can use the Reset Config button on the front panel of the SRX firewall device to reset the device to its factory default configuration. The Reset Config button is recessed to prevent it from being pressed accidentally; so you need to insert a small probe (for example, a straightened paper clip) to press the button.
Using the load factory-default Command
If you are still able to logon to the device via the CLI, you can use the load factory-default command to return the device to its factory default configuration. This command loads and commits the factory configuration; but this command does not delete other configuration files on the device.
Type the load factory-default command:
[email protected]# load factory-default
Use the set system root-authentication plain-text-password command to set a new root password for the device:
[email protected]# set system root-authentication plain-text-password
Type the root password and retype it to confirm it:
Retype new password:
Caution: Prior to committing the changes, if an IP address is not assigned for the ‘ge-0/0/0’ interface, create a local user account and type the routing information; either via the CLI configuration or DHCP. The SRX device will no longer be remotely accessible.
To manage the SRX firewall device, you must connect a PC or laptop to the physical console or attach the PC or laptop to a subnet that is directly connected to the ge-0/0/0 interface, which is assigned an IP address of ‘192.168.2.1’.
Use the commit and-quit command to commit the configuration and exit the configuration mode, if the configuration contains no errors and the commit is successful
[email protected]# commit and-quit
After the commit, the factory default configuration will be the running configuration.