Manuals / Juniper Networks / Computer Equipment / Network Router

Juniper Networks J2320 manual Configuring Secure Web Access, Secure Web Access Terms

Models: J2320

1 330

Download 330 pages 32.01 Kb

Page 173

Chapter 8

Configuring Secure Web Access

You can manage a Services Router remotely through the J-Web interface. To communicate with the router, the J-Web interface uses Hypertext Transfer Protocol (HTTP). HTTP allows easy Web access but no encryption. The data that is transmitted between the Web browser and the router by means of HTTP is vulnerable to interception and attack. To enable secure Web access, a router supports Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS). You can enable HTTP or HTTPS access on specific interfaces and ports as needed.

You can use J-Web Quick Configuration, the J-Web configuration editor, or the CLI configuration editor to configure secure Web access.

This chapter contains the following topics. For more information about the J-Web interface, see the J-Web Interface User Guide.

■Secure Web Access Terms on page 151

■Secure Web Access Overview on page 152

■Before You Begin on page 152

■Configuring Secure Web Access on page 153

■Configuring Secure Web Access with a Configuration Editor on page 156

■Verifying Secure Web Access on page 157

Secure Web Access Terms

Before configuring secure Web access, become familiar with the terms defined in Table 58 on page 151.

Table 58: Secure Web Access Terms

Term	Definition
certificate authority (CA)	Third-party organization or company that issues digital certificates used to create
	digital signatures and public-private key pairs. The CA guarantees the identity of the
	individual or device that presents the digital certificate.
Hypertext Transfer	Protocol used to publish and receive information on the Web, such as text and graphics
Protocol (HTTP)	files.

Secure Web Access Terms ■ 151

Image 173

Juniper Networks J2320 manual Configuring Secure Web Access, Secure Web Access Terms

Contents

Getting Started Guide Software License End User License Agreement IiiPage Abbreviated Table of Contents Page Table of Contents Chapter PIM and VoIP Module Overview Viii Table of Contents101 Part Installing a Services Router129 115151 Part Maintaining Services Router Hardware161 173215 Xii Table of Contents211 245 Part Series Requirements and Specifications225 Part Xiv Table of ContentsObjectives About This GuideAudience ObjectivesXvi How to Use This Guide How to Use This GuideLocation of J-series Information Series Tasks Location of InstructionText and Syntax Conventions Document ConventionsWeb GUI Conventions Related Juniper Networks DocumentationRelated Juniper Networks Documentation Series Guides and Related Junos Software PublicationsGetting Started Guide for Your Router Xx Related Juniper Networks Documentation Series Services Router Administration GuideChapter in a J-series Guide Documentation Feedback Documentation FeedbackRequesting Support Page Series Overview Series OverviewPage Overview of Services Routers J2320 Services Router Overview J2320 Services Router OverviewJ2350 Services Router Overview J4350 Services Router Overview J4350 Services Router OverviewOverview of Services Routers J6350 Services Router Overview J6350 Services Router OverviewSummary of J-series Features and License Requirements Series Software Features and LicensesFeature Category Series Feature Separate License Series Software Features and LicensesMulticast RoutingIP Address ManagementEncapsulation Ethernet Voice Support SecurityHigh Availability Traffic AnalysisMonitoring AdministrationPage System Overview J2320 and J2350 Services Router Hardware FeaturesJ2320 and J2350 Services Router Hardware Features J2320 and J2350 Chassis 14 J2320 and J2350 Services Router Hardware FeaturesRear of J2320 Chassis Front of J2350 ChassisJ2320 Hardware Components Rear of J2350 DC-Powered ChassisDescription Value J2320 and J2350 Physical SpecificationsJ2320 and J2350 Routing Engine Hardware 18 J2320 and J2350 Services Router Hardware FeaturesJ2320 and J2350 Midplane J2320 and J2350 Front Panel J2320 and J2350 Boot DevicesPhysical Interface Modules PIMs Power Button and Power LED20 J2320 and J2350 Services Router Hardware Features Color State Description J2320 and J2350 Power LEDJ2320 and J2350 Status LED 22 J2320 and J2350 Services Router Hardware Features Reset Config ButtonJ2320 and J2350 Alarm LED Console Port Built-In Gigabit Ethernet PortsAUX Port Gigabit Ethernet Port LEDsJ2350 Power System J2320 Power System24 J2320 and J2350 Services Router Hardware Features J2320 and J2350 External Compact FlashesJ2320 and J2350 Cooling System 26 J4350 and J6350 Services Router Hardware Features J4350 and J6350 Services Router Hardware FeaturesJ4350 and J6350 Chassis J4350 and J6350 Services Router Hardware FeaturesFront of J4350 and J6350 Chassis Rear of J4350 AC-Powered ChassisRear of J4350 DC-Powered Chassis 30 J4350 and J6350 Services Router Hardware Features J4350 and J6350 Physical SpecificationsJ4350 and J6350 Routing Engine Hardware J4350 and J6350 Boot DevicesJ4350 and J6350 Midplane J4350 and J6350 Front Panel 32 J4350 and J6350 Services Router Hardware FeaturesPower LED Slot Number Diagram on Front PanelStatus LED Alarm LED34 J4350 and J6350 Services Router Hardware Features HA LED 36 J4350 and J6350 Services Router Hardware Features J4350 Power SystemState Description J6350 Power SystemPower Supply LED J4350 and J6350 Cooling System 38 J4350 and J6350 Services Router Hardware FeaturesSoftware Overview Software OverviewJunos Software Processes Routing Engine and Packet Forwarding EngineKernel and Microkernel Process Name Description User InterfacesJunos Software Processes Software Overview PIM and VoIP Module Overview PIM and VoIP Module Terms PIM and VoIP Module TermsTerm Definition PIM and VoIP Module TermsDialer filter PIM and VoIP Module OverviewField-Replaceable PIMs Field-Replaceable PIMsJ2320 and J2350 Field-Replaceable PIM Summary J2320 and J2350 Field-Replaceable PIM Summary J4350 and J6350 Field-Replaceable PIM SummaryJ4350 and J6350 Field-Replaceable PIM Summary T3-0/0/0 Port, 6-Port, 8-Port, and 16-Port Gigabit Ethernet uPIMsE3-2/0/0 Fe-1/0/0Port Gigabit Ethernet uPIM PIM and VoIP Module Overview Parameter 1000Base-SX Transceiver 1000Base-LX Transceiver Port Gigabit Ethernet ePIMsOptical Interface Support for SFP Gigabit Ethernet uPIMs Copper Gigabit Ethernet ePIM Optical Interface Support for SFP Gigabit Ethernet ePIM Dual-Port Serial PIM Dual-Port Serial PIMColor State Description Dual-Port T1 or E1 PIMStatus LEDs for Serial Ports Status LEDs for T1 and E1 Ports Dual-Port Channelized T1/E1/ISDN PRI PIMChannelized T1/E1/ISDN PRI PIM Label Color State Description T3 or E3 PIMLEDs for Channelized T1/E1/ISDN PRI PIMs Status LEDs for T3 and E3 Ports E3 PIMLEDs for Dual-Port Fast Ethernet PIM Dual-Port Fast Ethernet PIMPort Fast Ethernet ePIM Port Fast Ethernet ePIMLEDs for 4-Port Fast Ethernet ePIM Port Isdn BRI PIMsOnline LEDs for Isdn BRI S/T and U PIMsLEDs for Adsl PIMs Adsl 2/2+ Annex a PIMShdsl PIM Avaya VoIP Module Summary Avaya VoIP ModulesLEDs for G.SHDSL PIMs Avaya VoIP ModulesSample Interface J2320 and J2350 Avaya VoIP Module SummarySoftware Release for Slot and Port Maximum Number on Also Called This PIM Numbering Chassis Type-pim/0/portAlso Called TGM550 Telephony Gateway ModuleJ4350 and J6350 Avaya VoIP Module Summary TGM550 Telephony Gateway Module Additional Information Hardware or Feature TGM550 Maximum CapacityTGM550 Maximum Media Gateway Capacities ALM LEDs for TGM550 Gateway ModuleTIM510 E1/T1 Telephony Interface Module TIM510 E1/T1 Telephony Interface ModuleLEDs for TIM510 TIM514 Analog Telephony Interface ModuleLEDs for TIM514 TIM514 Possible Port ConfigurationsTIM521 BRI Telephony Interface Module LEDs for TIM521 TIM521 BRI Telephony Interface ModulePIM and VoIP Module Overview Page User Interface Overview Services Router User Interface OverviewWeb Overview User Interface OverviewBefore You Begin CLI OverviewBefore You Begin Services Router User Interface Overview Using the J-Web InterfaceUsing the J-Web Interface Starting the J-Web InterfaceWeb Layout Web LayoutTop Pane Elements Elements of the J-Web InterfaceMain Pane Elements Main Pane ElementsSide Pane Elements Navigating the J-Web InterfaceNavigating the J-Web Configuration Editor Navigating the Quick Configuration PagesWeb Quick Configuration Buttons Function ButtonGetting J-Web Help Key J-Web Edit Configuration ButtonsCoS Help Web SessionsUsing the Command-Line Interface Using the Command-Line InterfaceCLI Command Hierarchy Starting the CLI CLI Operational ModeCLI Configuration Mode Editing Keystrokes CLI BasicsTask Category Action Keyboard Sequence Command CompletionCLI Editing Keystrokes Online Help Help Commands Configuring the CLI EnvironmentConfiguring the CLI Environment Set cli terminal Set cli screen-widthAnsi Vt100Page Installing a Services Router Installing a Services RouterPage General Site Guidelines Preparing for Router InstallationGeneral Site Guidelines Rack Requirements Rack RequirementsRack Size and Strength for J2320 and J2350 Routers Connection to Building Structure Preparing for Router InstallationRack Size and Strength for J4350 and J6350 Routers Router Environmental Tolerances Fire Safety RequirementsFire Suppression Router Environmental TolerancesFire Suppression Equipment Power Guidelines, Requirements, and SpecificationsPower Guidelines, Requirements, and Specifications Router Power Requirements Site Electrical Wiring GuidelinesSignaling Limitations Radio Frequency InterferenceSpecification AC Power, Connection, and Power Cord SpecificationsCountry Electrical Specifications Plug Standards DC Power, Connection, and Power Cable SpecificationsAC Power Cord Specifications Preparing for Router Installation Series PIM Power Consumption and Heat Dissipation Planning for Power ManagementTokens Junos CLI Power Name Model Number2xT1 2xE12xCT1E1 / PRI 1xE3Site Preparation Checklist Network Cable SpecificationsMaximum Power and Heat Capacities of J-series Models Site Preparation ChecklistSite Preparation Checklist Page Installing and Connecting a Services Router Unpacking a J-series Services Router Unpacking a J-series Services RouterInstalling J2320 and J2350 Routers Installing J2320 and J2350 RoutersInstalling and Connecting a Services Router Installing J4350 and J6350 Routers Installing J4350 and J6350 RoutersInstalling the Mounting Brackets Attaching Center Screw to the Rack Chassis Grounding Connecting Interface Cables to Services RoutersConnecting Interface Cables to Services Routers Connecting Power Connecting PowerConnecting AC Power Connecting AC Power to the J2320 Services Router Connecting AC Power to the J2350 Services Router Connecting DC PowerVDC and RTN Connecting DC Power to the J2350 Services Router Powering a Services Router On and Off Powering a Services Router On and OffPage Basic Connectivity Terms Establishing Basic ConnectivityBasic Connectivity Terms Basic Connectivity TermsBasic Connectivity Overview Basic Connectivity OverviewRouter Identification Establishing Basic Connectivity Root PasswordTime Zone and System Time Default Gateway Network SettingsBackup Router Loopback AddressBuilt-In Ethernet Interface Address Management AccessConfiguration Guide for Common Criteria and JUNOS-FIPS Connecting to a Services Router Connecting to a Services RouterConnecting to the J-Web Interface Connecting to a Services Router COM1 Connecting to the CLI LocallyConnecting to the Console Port on J2320 and J2350 Routers Configuring the Modem at the Router End Connecting to the CLI RemotelyConnecting the Modem to the Console Port Configuring Basic Settings with J-Web Quick Configuration Configuring Basic Settings with J-Web Quick ConfigurationConnecting to the CLI at the User End Set Up Quick Configuration Field Function Your Action Set Up Quick Configuration SummaryIdentification TimeField Function Set Up Quick Configuration SummaryNetwork Ge-0/0/0 AddressSample Settings on a Services Router Configuring Basic Settings with a Configuration EditorConfiguring Basic Settings Set backup router address Task Web Configuration Editor CLI Configuration EditorSet ntp server Set name-serverGe-0/0/0 Verifying Basic ConnectivityDelete ge-0/0/0 unit 0 family inet address Set ge-0/0/0 unit 0 family inet address 192.168.1.1/24Displaying Basic Connectivity Configurations Displaying Basic Connectivity ConfigurationsPage Secure Web Access Terms Configuring Secure Web AccessSecure Web Access Terms Secure Web Access TermsSecure Web Access Overview Secure Web Access OverviewGenerating SSL Certificates Configuring Secure Web AccessConfiguring Secure Web Access Quick Configuration Secure Access Http Web Access Secure Access Quick Configuration SummaryHttps Web Access CertificatesSecure Access Quick Configuration Summary Configuring Secure Web Access with a Configuration EditorConfiguring a Secure Web Access Configuring Secure Web Access with a Configuration EditorVerifying Secure Web Access Verifying Secure Web AccessTask Set certificates local new load-key-filepathDisplaying an SSL Certificate Configuration Displaying an SSL Certificate ConfigurationDisplaying a Secure Access Configuration Displaying a Secure Access ConfigurationPage Software Feature Licenses Installing and Managing J-series LicensesSeries Services Router Software Feature Licenses Series License OverviewBGP Route Reflectors License Key ComponentsSummary of License Management Fields Feature SummaryManaging J-series Licenses with the J-Web Interface Adding New Licenses with the J-Web Interface Installed LicensesDisplaying License Keys with the J-Web Interface Deleting Licenses with the J-Web InterfaceDownloading Licenses with the J-Web Interface Managing J-series Licenses with the CLISaving License Keys with the CLI Deleting a License with the CLIVerifying J-series License Management Verifying J-series License ManagementDisplaying Installed Licenses Displaying Installed LicensesDisplaying License Usage Displaying License UsagePage Maintaining Services Router Hardware Maintaining Services Router HardwarePage Tools and Parts Required Replacing Hardware ComponentsTools and Parts Required Replacing a PIM Replacing the Console Port CableRemoving a PIM Tools and Parts RequiredReplacing a PIM Replacing Hardware ComponentsInstalling a PIM Installing a PIMReplacing PIM Cables Installing PIM CablesRemoving PIM Cables Replacing PIM CablesUser@host request chassis fpc slot pim-slotonline To replace the cover on the J2320 and J2350 chassis Matching the Chassis Slots and Tabs Location of J2320 and J2350 Internal Compact Flash Removing the J2320 or J2350 Internal Compact Flash Location of J4350 and J6350 Compact Flash Page Removing the J4350 or J6350 Compact Flash Replacing External Compact Flashes Replacing External Compact FlashesReplace the compact flash slot cover Replacing USB Storage Devices Replacing USB Storage DevicesRemoving the USB Storage Device Installing the USB Storage Device Replacing Dram Modules Replacing Dram ModulesJ4350 and J6350 Dram Location Removing a Dram ModuleInstalling or Replacing Dram Modules Installing a Dram ModuleReplacing Power System Components Replacing Power System ComponentsReplacing AC Power Supply Cords Removing an AC Power Supply from J6350 Routers Removing an AC Power Supply Installing an AC Power Supply in J6350 RoutersInstalling an AC Power Supply Replacing DC Power Supply CablesRemoving a DC Power Supply Removing a DC Power Supply Installing a DC Power SupplyVDC and RTN Installing a DC Power Supply Removing a J2320 or J2350 Crypto Module Removing a J2320 or J2350 Crypto Accelerator ModuleInstalling a J2320 or J2350 Crypto Accelerator Module Installing a J2320 or J2350 Crypto Accelerator ModuleUser@host show chassis hardware Removing a J4350 or J6350 Crypto Accelerator Module Removing a J4350 or J6350 Crypto Module Screw Installing a J4350 or j6350 Crypto Accelerator ModuleUser@host show chassis hardware Replacing Air Filters on J2350 Routers Replacing Air Filters on J2350 RoutersReplacing Air Filters on J4350 and J6350 Routers Replacing Air Filters on J4350 and J6350 RoutersAttaching Air Filter and Filter Cover Page Chassis Alarm Conditions Troubleshooting Hardware ComponentsChassis Alarm Conditions and Corrective Actions Component Alarm Conditions Corrective Action Alarm SeverityTroubleshooting Power Management Troubleshooting Power ManagementUser@host show chassis fpc Troubleshooting Hardware ComponentsContacting the Juniper Networks Technical Assistance Center Contacting the Juniper Networks Technical Assistance CenterLocating Component Serial Numbers Contacting Customer Support and Returning HardwareLocating Component Serial Numbers Location of the Serial Number ID Labels J2320 and J2350 Chassis Serial Number and Agency LabelsContacting Customer Support and Returning Hardware J4350 and J6350 Chassis Serial Number and Agency LabelsPIM Serial Number Label Power Supply Serial Number LabelsContacting Customer Support Contacting Customer SupportInformation You Might Need to Supply to Jtac Return ProcedureReturn Procedure Packing a Router or Component for Shipment Packing the Services Router for ShipmentTools and Parts Required Packing a Router or Component for ShipmentPacking Components for Shipment Page Series Requirements and Specifications Series Requirements and SpecificationsPage Serial PIM Cable Specifications Network Cable Specifications and Connector PinoutsPort Serial PIM Cables and Connectors Serial PIM Cable SpecificationsRS-232 DTE Cable Pinout LFH-60 Pin DB-25 Pin LFH-60 Pairing DescriptionRS-232 DTE Cable Pinout RS-422/449 EIA-449 DTE Cable Pinout RS-232 DCE Cable PinoutRS-232 DCE Cable Pinout RS-422/449 EIA-449 DTE Cable PinoutSend Data a RS-422/449 EIA-449 DCE Cable Pinout RS-422/449 EIA-449 DCE Cable PinoutEIA-530A DTE Cable Pinout EIA-530A DTE Cable PinoutEIA-530A DCE Cable Pinout EIA-530A DCE Cable Pinout35 DTE Cable Pinout LFH-60 Pin 34 Pin LFH-60 Pairing DescriptionDTE Cable Pinout DCE Cable Pinout LFH-60 Pin DB-15 Pin LFH-60 Pairing Description35 DCE Cable Pinout 21 DTE Cable Pinout21 DCE Cable Pinout Gigabit Ethernet uPIM RJ-45 Connector Pinout Fast Ethernet RJ-45 Connector PinoutFast Ethernet RJ-45 Connector Pinout Gigabit Ethernet uPIM RJ-45 Connector PinoutGigabit Ethernet ePIM RJ-45 Connector Pinouts Gigabit Ethernet ePIM RJ-45 Connector PinoutPin Signal Name Gigabit Ethernet ePIM RJ-45 Connector PinoutE1 and T1 RJ-48 Cable Pinouts RJ-45 Chassis Console Connector PinoutDB-9 Console Connector Pinout 238 E1 and T1 RJ-48 Cable Pinouts RJ-48 Connector to RJ-48 Connector Straight PinoutRJ-48 Connector to RJ-48 Connector Crossover Pinout RJ-48 Connector to DB-15 Connector Crossover Pinout RJ-48 Connector to DB-15 Connector Straight PinoutAdsl and G.SHDSL RJ-11 Connector Pinout E3 and T3 BNC Connector PinoutAdsl and G.SHDSL RJ-11 Connector Pinout PinSignalConnector Pinouts for Avaya VoIP Modules Isdn RJ-45 Connector PinoutIsdn RJ-45 Connector Pinout Isdn RJ-45 Connector PinoutTGM550 RJ-45 Console Connector Pinouts TGM550 RJ-11 Connector Pinout for Analog PortsTGM550 RJ-11 Connector Pinout TGM550 RJ-45 Pin Signal Terminal DB-9 PinsTIM514 Connector Pinout TIM510 RJ-45 Connector PinoutTIM521 Connector Pinout TIM510 RJ-45 Connector PinoutTIM521 RJ-45 Connector Pinout Definition of Safety Warning Levels Safety and Regulatory Compliance InformationDefinition of Safety Warning Levels Page General Safety Guidelines and Warnings Safety Guidelines and WarningsSafety and Regulatory Compliance Information Safety Guidelines and WarningsQualified Personnel Warning Preventing Electrostatic Discharge Damage Electrical Safety Guidelines and WarningsGeneral Electrical Safety Guidelines Power Cable Warning Japanese AC Power Electrical Safety GuidelinesPower Sources for Redundant Power Supplies DC Power Electrical Safety GuidelinesDC Power Disconnection Warning DC Power Grounding Requirements and Warning Varten 48 V, +RTN varten +RTN, maajohto maajohtoon DC Power Wiring Sequence WarningDC Power Wiring Terminations Warning Page Grounded Equipment Warning Case of Electrical Accident Multiple Power Supplies Disconnection WarningPower Disconnection Warning TN Power Warning Telecommunication Line Cord Warning Chassis Lifting Guidelines Installation Safety Guidelines and WarningsRack-Mounting Requirements and Warnings Installation Instructions WarningSafety and Regulatory Compliance Information Safety Guidelines and Warnings Safety and Regulatory Compliance Information Ramp Warning Class 1 Laser Product Warning Laser and LED Safety Guidelines and WarningsGeneral Laser Safety Guidelines Laser Beam Warning Class 1 LED Product WarningRadiation from Open Port Apertures Warning Page Battery Handling Warning Maintenance and Operational Safety Guidelines and WarningsJewelry Removal Warning Safety and Regulatory Compliance Information Lightning Activity Warning Operating Temperature Warning Product Disposal Warning Agency Approvals Agency ApprovalsCompliance Statements for Environmental Requirements Lithium BatteryCompliance Statements for EMC Requirements Compliance Statements for Environmental RequirementsCompliance Statements for EMC Requirements CanadaEuropean Community Preceding translates as follows JapanFCC Part 68 Statement United StatesFCC Part 15 Statement Safety and Regulatory Compliance Information Page Index IndexPage Symbols Analog telephone Line ports Junos CLI See also LEDs 253 Eprom Glossary 117 J2350 T3 PIM TX/RX Adsl AUX Power system Connecting 123 Fan Number 219 Establishing software connectivity 129 SSH See also Junos CLI EMI