Managing User Authentication and Access | Juniper Networks J-Series

Chapter 1

Managing User Authentication and Access

You can use either J-Web Quick Configuration or a configuration editor to manage system functions, including RADIUS and TACACS+ servers, and user login accounts.

This chapter contains the following topics. For more information about system management, see the JUNOS System Basics Configuration Guide.

If the router is operating in a Common Criteria environment, see the Secure

Configuration Guide for Common Criteria and JUNOS-FIPS.

■User Authentication Terms on page 3

■User Authentication Overview on page 4

■Before You Begin on page 8

■Managing User Authentication with Quick Configuration on page 8

■Managing User Authentication with a Configuration Editor on page 12

■Recovering the Root Password on page 21

■Securing the Console Port on page 23

■Accessing Remote Devices with the CLI on page 24

■Configuring Password Retry Limits for Telnet and SSH Access on page 26

User Authentication Terms

Before performing system management tasks, become familiar with the terms defined in Table 5 on page 3.

Table 5: System Management Terms

Term	Definition
Remote Authentication Dial-In User	Authentication method for validating users who attempt to access one or more
Service (RADIUS)	Services Routers by means of Telnet. RADIUS is a multivendor IETF standard
	whose features are more widely accepted than those of TACACS+ or other
	proprietary systems. All one-time-password system vendors support RADIUS.
Terminal Access Controller Access	Authentication method for validating users who attempt to access one or more
Control System Plus (TACACS+)	Services Routers by means of Telnet.

User Authentication Terms ■ 3

Image 25

Juniper Networks J-Series Managing User Authentication and Access, User Authentication Terms, System Management Terms

Contents

North Mathilda Avenue Sunnyvale, California Administration Guide Series Services Router Administration Guide End User License Agreement IiiPage Abbreviated Table of Contents Series Services Router Administration Guide Table of Contents Modifying USB Modem Initialization Commands Using the telnet Command Using the ssh CommandViii Table of Contents Management Information Base Verifying Autoinstallation Status Configuring Autoinstallation with a Configuration EditorEvent Policy Overview Configuring Event Policies Part Monitoring a Services Router Part Managing Services Router Software Part Diagnosing Performance and Network Problems Xiii Part Index Objectives About This GuideAudience Objectives Xvi How to Use This Guide How to Use This GuideLocation of J-series Information Series Tasks Location of Instruction On page xvii defines the notice icons used in this guide Document ConventionsText and Syntax Conventions Web GUI Conventions Related Juniper Networks Documentation Getting Started Guide for Your Router Series Guides and Related Junos Software PublicationsRelated Juniper Networks Documentation Chapter in a J-series Guide Series Services Router Administration GuideXx Related Juniper Networks Documentation Requesting Technical Support Documentation FeedbackDocumentation Feedback Xxii Requesting Technical Support Opening a Case with Jtac Configuring a Services Router for Administration Configuring a Services Router for AdministrationPage User Authentication Terms Managing User Authentication and AccessSystem Management Terms User Authentication User Authentication OverviewUser Authentication Overview User Accounts Predefined Login Classes Login ClassesPermission Bits Permission Bits for Login Classes Template Accounts Denying or Allowing Individual Commands Adding a Radius Server for Authentication Managing User Authentication with Quick ConfigurationTo configure a Radius server with Quick Configuration Before You Begin To configure a TACACS+ server with Quick Configuration Adding a TACACS+ Server for AuthenticationUsers Quick Configuration for Radius Servers Summary Radius Server To configure system authentication with Quick Configuration Configuring System AuthenticationUsers Quick Configuration for TACACS+ Servers Summary TACACS+ Server Add a User Quick Configuration Page Summary To configure users with Quick ConfigurationAdding New Users User Information Setting Up Radius Authentication Managing User Authentication with a Configuration EditorManaging User Authentication with a Configuration Editor Setting Up Radius Authentication Setting Up TACACS+ Authentication 172.16.98.24 Setting Up TACACS+ AuthenticationSet tacplus-server address Tacacssecret1 Configuring Authentication Order Configuring Authentication OrderInsert system authentication-order radius After password Defining Login Classes Controlling User AccessDefining Login Classes EditEdit Configuration Operator-and-boot Operator-and-boot withRequest system reboot Creating User Accounts ConfigurationView Setting Up Template AccountsCreating User Accounts Set user cmartin class superuser Creating a Remote Template Account Creating a Remote Template Account Creating a Local Template Account Creating a Local Template Account Recovering the Root Password Recovering the Root Password Ok boot -s Securing the Console Port Securing the Console Port Using the telnet Command Accessing Remote Devices with the CLISecuring the Console Port CLI telnet Command Options Using the ssh CommandCLI ssh Command Options Configuring Password Retry Limits for Telnet and SSH Access Configuring Password Retry Limits for Telnet and SSH Access ConfigurationView and EditEdit Configuration Configuring Password Retry Limits for Telnet and SSH AccessEdit system login retry-options Set backoff-thresholdPage USB Modem Terms Setting Up USB Modems for Remote ManagementUSB Modem Terms USB Modem Interfaces USB Modem OverviewUSB Modem Terminology Series Default Modem Initialization Commands How a Services Router Initializes USB ModemsSetting Up USB Modems for Remote Management Modem Command Description S7=45 USB Modem Connection and Configuration Overview USB Modem Connection and Configuration OverviewOn the Services Router At the User End Configuring a USB Modem Interface Required Connecting the USB Modem to the Services Routers USB PortTo configure a USB modem interface for the Services Router ConfigurationView EditEdit Configuration Configuring a USB Modem InterfaceEdit interfaces umd0 S0=0 V1 X4 &C1 E0 Q0 &Q8 %C0 Adding a Dialer Interface to a Services Router Configuring a Dialer Interface Required Edit unit Configuring Dial-In Required172.20.10.2 172.20.10.1 To configure Chap on the dialer interface Configuring Chap on Dialer Interfaces OptionalConfiguring the Dialer Interface for Dial-In Ppp-options chap hierarchy level Web Configuration Editor Configuring Chap on Dialer InterfacesEdit access Edit interfaces dl0 unit Configuring a Dial-Up Modem Connection at the User End Connecting to the Services Router from the User EndConnecting to the Services Router from the User End USB-modem-connect-and then click Next Administering USB Modems Connecting to the Services Router from the User EndAdvanced TCP/IP Settings page appears Administering USB Modems Modifying USB Modem Initialization Commands Modifying USB Modem Initialization Commands Verifying the USB Modem Configuration Resetting USB ModemsModifying USB Modem Initialization Commands Configure Verifying a USB Modem Interface Verifying a USB Modem Interface Verifying Dialer Interface Configuration Verifying Dialer Interface Configuration Setting Up USB Modems for Remote Management Series Services Router Administration Guide Snmp Architecture Configuring Snmp for Network ManagementSnmp Architecture Snmp Communities Management Information Base Snmp Traps Configuring Snmp for Network ManagementSpoofing Snmp Traps Snmp Health Monitor To configure Snmp features with Quick Configuration Configuring Snmp with Quick Configuration Identification Snmp Quick Configuration SummaryCommunities Traps Health Monitoring Checks the following key indicators Configuring Basic System Identification Configuring Snmp with a Configuration EditorDefining System Identification Information Required Set description Configuring Snmp Agents and Communities RequiredSet name name Select Engine id Managing Snmp Trap Groups Required Configuring Snmp Agents and Communities Configuring Snmp Trap Groups Controlling Access to MIBs OptionalSelect the Authentication , Chassis , Click Categories Verifying Snmp Agent Configuration Verifying the Snmp ConfigurationConfiguring Snmp Views Verifying Snmp Health Monitor Configuration Verifying Snmp Health Monitor Configuration Series Services Router Administration Guide Configuring Snmp for Network Management Page Dhcp Terms Configuring the Router as a Dhcp ServerDhcp Terms Dhcp Terms Dhcp Overview Conflict Detection and Resolution Compatibility with AutoinstallationConfiguring the Router as a Dhcp Server Dhcp Options Configuring the Dhcp Server with Quick Configuration Configuring the Dhcp Server with Quick Configuration Dhcp Quick Configuration Main Dhcp Quick Configuration Pool Dhcp Quick Configuration Static Binding To configure the Dhcp server with Quick Configuration Dhcp Pool Information Dhcp Server Quick Configuration Pages SummaryLease Time Server Information Dhcp Static Binding Information Boot Options Sample Dhcp Server Configuration Settings Configuring the Dhcp Server with a Configuration EditorSettings Sample Value or Values Dhcp Subnet Configuration Dhcp MAC Address Configuration Entry Configuring the Dhcp Server Displaying a Dhcp Server Configuration Verifying a Dhcp Server ConfigurationIp address Verifying the Dhcp Binding Database Verifying the Dhcp Binding Database Verifying Dhcp Server Operation Verifying Dhcp Server Operation User@host ping Displaying Dhcp Statistics Displaying Dhcp StatisticsPage Autoinstallation Terms Configuring AutoinstallationAutoinstallation Terms Autoinstallation Supported Autoinstallation Interfaces and Protocols Autoinstallation OverviewHost-specific configuration Configuring Autoinstallation Typical Autoinstallation Process on a New Services Router Before You Begin Configuring Autoinstallation with a Configuration Editor Configuring Autoinstallation with a Configuration Editor Verifying Autoinstallation Status Verifying AutoinstallationConfiguring Autoinstallation ConfigurationView and Edit Edit Configuration Verifying Autoinstallation Status Page Commit Script Overview Automating Network Operations and Troubleshooting Var/db/scripts/commit directory Enabling Commit Scripts Disabling Commit Scripts Commit the configurationEnabling Commit Scripts Operation Script Overview Executing Operation Scripts Enabling Operation ScriptsVar/db/scripts/op directory Enabling Operation Scripts Running Self-Diagnostics with Event Policies Running Self-Diagnostics with Event PoliciesDisabling Operation Scripts Event Policy Overview Configuring Event Policies Configuring Destination for Uploading Files for Analysis Configuring Event PoliciesConfigure or Edit Configuring Event Policy Set output-filename config.txt output-format text Edit then execute-commandsExecute the show interfaces Set then Set raise-trapPage Monitoring a Services Router Monitoring a Services RouterPage Monitoring Terms Monitoring the Router and Routing OperationsMonitoring Overview Series Monitoring Terms Monitor Option Function Monitoring Tools OverviewSystem Chassis Routing Web Monitor Options and Corresponding CLI show CommandsCoS Show services nat pool Corresponding CLI Commands Interfaces-show mpls interfaceIPSec Rsvp Sessions-show rsvp session Show services rpm probe-results Filtering Command OutputPPPoE User@host show configuration match address Monitoring System Properties Using the Monitoring ToolsShow system uptime Show system users Show system storage Summary of Key System Properties Output Fields Name-server command Set system hostname commandSet system time-zone command Users CPU Usage Monitoring System Process Information Show system processes commandsSummary of System Process Information Output Fields System Storage Monitoring the Chassis Alarm SummarySummary of Key Chassis Output Fields Environment Information Field ValuesFailed Absent FPC Summary Monitoring the Interfaces Interface Summary Summary of Key Interfaces Output FieldsDown MTU Monitoring Routing Information Show route terse Show route detail Monitoring Route InformationSummary of Key Routing Information Output Fields Show bgp summary Show bgp neighbor Monitoring BGP Routing InformationSummary of Key BGP Routing Output Fields BGP Summary BGP Neighbors Down to Up Summary of Key Ospf Routing Output Fields Monitoring Ospf Routing InformationOspf Neighbors Ospf Interfaces Show rip statistics Show rip neighbors Monitoring RIP Routing InformationSummary of Key RIP Routing Output Fields Ospf Statistics Summary of Key DLSw Routing Information Output Fields Monitoring DLSw Routing InformationRIP Neighbors DLSw Capabilities DLSw Peers DLSw Circuits Show class-of-service Monitoring Class-of-Service PerformanceShow class-of-service interface interface Monitoring CoS Interfaces Monitoring CoS Classifiers Show class-of-service classifierSummary of Key CoS Interfaces Output Fields Summary of Key CoS Classifier Output Fields Monitoring CoS Value Aliases Show class-of-service code-point-aliases Monitoring CoS RED Drop Profiles Show class-of-service drop-profileSummary of Key CoS Value Alias Output Fields Summary of Key CoS RED Drop Profile Output Fields Monitoring CoS Forwarding Classes Show class-of-service forwarding-class Monitoring CoS Rewrite Rules Show class-of-service rewrite-rulesSummary of Key CoS Forwarding Class Output Fields Summary of Key CoS Rewrite Rules Output Fields Monitoring CoS Scheduler Maps Show class-of-service scheduler-mapSummary of Key CoS Scheduler Maps Output Fields Monitoring Mpls Traffic Engineering Information Monitoring Mpls LSP Information Monitoring Mpls InterfacesShow mpls interface Show mpls lsp Show mpls lsp statistics Monitoring Mpls LSP StatisticsTransit Show rsvp session Monitoring Rsvp Session InformationSummary of Key Rsvp Session Information Output Fields Summary of Key Mpls LSP Statistics Output Fields Show rsvp interface Monitoring Mpls Rsvp Interfaces InformationSummary of Key Rsvp Interfaces Information Output Fields Static bandwidth X subscription factor Monitoring Service Sets Service Set Summary Summary of Key Service Set Output FieldsMonitoring Firewalls Summary of Key Stateful Firewall Statistics Output Fields Monitoring Stateful Firewall Statistics Summary of Key Stateful Firewall Filters Output Fields Monitoring Stateful Firewall FiltersBytes IDS Search-Narrowing Characteristics Monitoring Firewall Intrusion Detection Services IDSNarrow Search Box Entry or Selection On page 140 summarizes key output fields in IPSec displays Monitoring IPSec TunnelsSummary of Key Firewall IDS Output Fields Summary of Key IPSec Output Fields IPSec Statistics AH+ESPIKE Security Hmac-sha1 Monitoring NAT Pools Monitoring Dhcp Show services nat poolOn page 143 summarizes key output fields in NAT displays Summary of Key NAT Output Fields Dhcp Statistics Dhcp Conflicts Monitoring RPM Probes Show services rpm probe-resultsOn page 145 summarizes key output fields in RPM displays Summary of Key RPM Output Fields Round-Trip Time for a Probe RTT Cumulative Jitter for a Probe Monitoring PPP Summary of Key PPPoE Output Fields Monitoring PPPoEPPPoE Interfaces PPPoE Statistics PPPoE Version Monitoring the TGM550 Media Gateway VoIP Dynamic Call Admission Control Information Summary of Key Media Gateway Information Output FieldsTelephony Gateway Module Information DSP Page System Log Message Terms Monitoring Events and Managing System Log FilesSystem Log Message Terms System Log Messages Overview System Log Facilities and Severity Levels System Log Message DestinationsSystem Logging Facilities System Logging Severity Levels Regular Expressions Regular Expression Operator Matching Terms Common Regular Expression Operators and the Terms They Match Sending System Log Messages to a File Configuring System Log Messages with a Configuration EditorSending System Log Messages to a File Edit system syslog Archiving System Logs Sending System Log Messages to a User TerminalSending Messages to a User Terminal Set user frank any critical Monitoring System Log Messages with the J-Web Event Viewer Disabling System LogsFiltering System Log Messages Filtering System Log Messages Installation and Upgrade Guide CLI command-show system processes Viewing System Log Messages Viewing System Log Messages Alarm Terms Configuring and Monitoring Alarms Alarm Types Alarm OverviewAlarm Terms Interface alarm Alarm Conditions Alarm SeverityInterface Alarm Conditions Configuring and Monitoring Alarms Interface Alarm Conditions Pic-reset Pic-hold-resetHw-down Linkdown Chassis Alarm Conditions and Corrective Actions Component Alarm Conditions Chassis Alarm Conditions and Corrective ActionsCorrective Action Alarm Severity System Alarm Conditions and Corrective Actions Configuring Alarms with a Configuration EditorSystem Alarm Conditions and Corrective Actions Alarm Type Alarm Condition Corrective Action Configuring Interface Alarms Show chassis alarms Show system alarms Checking Active AlarmsOn page 174 summarizes the output fields on the alarms Summary of Key Alarm Output Fields Displaying Alarm Configurations Verifying the Alarms ConfigurationTo verify alarms configuration, perform the following task Edit User@host# show chassis alarms t3 Displaying Alarm Configurations Managing Services Router Software Managing Services Router SoftwarePage Upgrade and Downgrade Overview Performing Software Upgrades and RebootsUpgrade and Downgrade Overview Recovery Software Packages Upgrade Software Packages Secondary Storage Devices for Backup Downloading Software Upgrades from Juniper NetworksPerforming Software Upgrades and Reboots Installing Software Upgrades from a Remote Server Installing Software Upgrades with the J-Web InterfaceInstalling Software Upgrades with the J-Web Interface Install Remote Summary Installing Software Upgrades by Uploading FilesUpload Package Summary Installing Software Upgrades with the CLI Installing Software Upgrades with the CLIUser@host request system software add unlink no-copy source Var/tmp/junos-j-series8.5R2.1.tar.gz Downgrading the Software with the J-Web Interface Downgrading the SoftwareDowngrading the Software with the CLI Downgrading the Software User@host request system reboot Configuring Boot DevicesConfiguring Boot Devices User@host request system software rollback Snapshot Summary Click OK Partitions the boot medium CLI request system snapshot Command Options Configuring a Boot Device for Backup with the CLI Root-size size Option Description PartitionSwap-size size Why Compact Flash Recovery Might Be Necessary Recovering Primary Boot DevicesCLI set system dump-device Command Options Configuring Internal Compact Flash Recovery Recommended Recovery Hardware and SoftwareRecommended Recovery Hardware and Software Recovery Hardware \ physdiskwrite -u junos-jseries-7.0-20041028.0-export-cf512 Rebooting or Halting a Services Router Rebooting or Halting a Services Router CLI Request System Reboot Command Options Rebooting a Services Router with the CLIOption Description CLI Request System Halt Command Options Halting a Services Router with the CLI This option is a synonym for the at + minutes option Page Managing Files Cleaning Up FilesManaging Files with the J-Web Interface Managing Files with the J-Web Interface Downloading Files Cleaning Up Files with the CLI Deleting the Backup Software ImageDeleting the Backup Software Image Managing Files Managing Accounting Files Managing Accounting Files Encrypting and Decrypting Configuration Files Encrypting and Decrypting Configuration FilesGz.jc-for example, juniper.conf.gz.jc Request system set-encryption-key Commands Encrypting Configuration FilesCLI Command Description For example To begin the encryption process, commit the configuration Decrypting Configuration FilesTo begin the decryption process, commit the configuration Modifying the Encryption Key At the second prompt, reenter the new encryption key Diagnosing Performance and Network Problems Diagnosing Performance and Network ProblemsPage Diagnostic Terms Using Services Router Diagnostic ToolsSeries Diagnostic Terms Web Diagnostic Tools Overview Diagnostic Tools OverviewWeb Interface Diagnose and Manage Options Manage Options CLI Diagnostic Commands Overview Diagnosis and Troubleshooting CLI Diagnostic Command Summary Mpls Connection Checking Command Function StartOptions for Checking Mpls Connections Quit Ping LSP to Layer Ping mpls l3vpn Locate LSP usingVPN prefix Interface name Instance to which this General Preparation Mpls EnabledPing Mpls Preparation Loopback Address Pinging Hosts from the J-Web Interface Using the J-Web Ping Host ToolWeb Ping Host Field Summary Pinging Hosts from the J-Web Interface Ping Host Results Web Ping Host Results and Output Summary Ping Host Results and Output SummaryPing Host Result Icmpseq=0 Icmpseq=number Checking Mpls Connections from the J-Web Interface Using the J-Web Ping Mpls ToolChecking Mpls Connections from the J-Web Interface Locate LSP using interface name Ping LDP-signaled LSPWeb Ping Mpls Field Summary Ping LSP to Layer 3 VPN prefix Locate LSP from interface name Instance to which this connection belongsLocate LSP from virtual circuit information Ping end point of LSP Web Ping Mpls Results and Output Summary Ping Mpls Results and OutputField Description Time Tracing Unicast Routes from the J-Web Interface Using the J-Web Traceroute ToolTo use the traceroute tool Tracing Unicast Routes from the J-Web Interface Traceroute Field Summary Traceroute Web Traceroute Results and Output Summary Traceroute Results and Output Summary Capturing and Viewing Packets with the J-Web Interface Using J-Web Packet CaptureTo use J-Web packet capture Capturing and Viewing Packets with the J-Web Interface Ge-0/0/0 Packet Capture Field SummaryAdvanced Options Addresses Into hostnames in the packet headers displayed Web Packet Capture Results and Output Summary Packet Capture Results and Output Summary To quit the ping command, press Ctrl-C Using CLI Diagnostic CommandsCLI ping Command Options Pinging Hosts from the CLI Do-not-fragment Checking Mpls Connections from the CLI Following is sample output from a ping command Following is sample output from a ping mpls command Pinging RSVP-Signaled LSPs and LDP-Signaled LSPs CLI ping mpls l3vpn Command Options Following is sample output from a ping mpls l3vpn commandPinging Layer 3 VPNs CLI ping mpls l2vpn Command Options Following is sample output from a ping mpls l2vpn commandPinging Layer 2 VPNs Pinging Layer 2 Circuits CLI ping mpls l2circuit Command Options To quit the traceroute command, press Ctrl-C Using the traceroute CommandCLI traceroute Command Options Tracing Unicast Routes from the CLI Following is sample output from a traceroute command Using the traceroute monitor CommandGateway address Inet6 CLI traceroute monitor Command Options To quit the traceroute monitor command, press QOn page 240 summarizes the output fields of the display Tracing Multicast Routes from the CLI CLI traceroute monitor Command Output Summary Using the mtrace from-source Command On page 243 summarizes the output fields of the display CLI mtrace from-source Command Options CLI mtrace from-source Command Output Summary Using the mtrace monitor Command Displaying Log and Trace Files from the CLI CLI mtrace monitor Command Output Summary Monitoring Interfaces and Traffic from the CLI Using the monitor interface CommandCLI monitor interface Output Control Keys CLI monitor interface traffic Output Control Keys User@host monitor interface fe-0/0/0 Using the monitor traffic Command CLI monitor traffic Command Options Option Description Brief CLI monitor traffic Match ConditionsExtensive Match Condition Description Directional Arithmetic Operator CLI monitor traffic Logical OperatorsBinary Operator Relational Operator Following is sample output from the monitor traffic command Page Packet Capture Terms Configuring Packet CapturePacket Capture Terms Packet Capture Terms Packet Capture Overview Packet Capture on Router Interfaces Configuring Packet CaptureFirewall Filters for Packet Capture Analysis of Packet Capture Files Packet Capture Files Enabling Packet Capture Required Configuring Packet Capture with a Configuration Editor Navigate to the Forwarding options Enabling Packet Capture Configuring a Firewall Filter for Packet Capture Optional Configuring Packet Capture on an Interface RequiredConfiguring Packet Capture on an Interface 259 Edit firewall Configuring a Firewall Filter for Packet Capture192.168.1.1/32 Disabling Packet Capture Enter set packet-capture disableDeleting Packet Capture Files 261 User@host start shell Return to the CLI operational modeCd /var/tmp Rm pcap-file.fe.0.0.0 Verifying Packet Capture Displaying a Packet Capture ConfigurationMv pcap-file.fe.0.0.0 pcap-file.fe.0.0.0.chdsl Verifying Packet Capture Verifying Captured Packets Ftp lcd /var/tmp Local directory now /cf/var/tmp Return to the CLI configuration modeFtp bye Goodbye Edit User@host# Verifying Captured Packets Meaning Verify that the output shows the intended packets RPM Terms Configuring RPM Probes RPM Probes RPM OverviewRPM target RPM test RPM Tests Configuring RPM ProbesProbe and Test Intervals Jitter Measurement with Hardware Timestamping RPM Statistics RPM StatisticsRound-Trip Times Inbound and Outbound Times Icmp Timestamp Probes Only RPM Thresholds and Traps Configuring RPM with Quick ConfigurationRPM for BGP Monitoring Configuring RPM with Quick Configuration RPM Quick Configuration SummaryPerformance Probe Owners Router Advanced WAN Access Configuration Guide Maximum Probe Thresholds Generates Snmp traps when the threshold for standard Configuring Basic RPM Probes Configuring RPM with a Configuration EditorConfiguring RPM with a Configuration Editor Performance Probe Server Edit services rpm Configuring Basic RPM ProbesClick Configure Set probe customerA 192.178.16.5 Edit services rpm probe customerASet test icmp-test probe-frequency Set test icmp-test probe-type icmp-ping-timestamp Configuring TCP and UDP Probes Router a Configuration Configuring TCP and UDP Probes Router B Configuration Tuning RPM Probes Tuning RPM ProbesCustomerA Set probe-limit Configuring RPM Probes for BGP Monitoring Configuring RPM Probes to Monitor BGP Neighbors Configuring RPM Probes to Monitor BGP Neighbors Directing RPM Probes to Select BGP Routers Verifying an RPM ConfigurationDirecting RPM Probes to Select BGP Routers Add new entry Verifying RPM Services Verifying RPM ServicesVerifying RPM Statistics Verifying RPM Statistics Verifying RPM Probe Servers Verifying RPM Probe Servers Index on IndexIndex Series Services Router Administration Guide Index Symbols 112 Chassis Dd utility, for compact flash recovery 192 Snmp health monitor System logs Dhcp Snmp Junos Internet software Diagnosing problems from 210 Monitoring from 102 See also Snmp Permissions Radius CLI See also RPM probes Preparation Serial number Chassis components BGP TACACS+ Routing Engine, too warm Upgrades Version Hardware, displaying