Verifying Secure Web Access, Task | Juniper Networks J2320 guide

Chapter 8: Configuring Secure Web Access

Table 60: Configuring a Secure Web Access (continued)

Task

Import the SSL certificate that you have generated—for example, new.

For information about generating SSL certificates, see “Generating SSL Certificates” on page 153.

J-Web Configuration Editor

1.Next to Certificates, click Configure.

2.Next to Local, click Add new entry.

3.In the Name box, type a name for the certificate to be imported—for example, new.

4.In the Certificate box, paste the generated SSL certificate and private key.

5.Click OK.

CLI Configuration Editor

Enter

set certificates local new load-key-filepath

Replace path with a path or URL to the file containing an SSL certificate and private key in PEM format—for example,

/var/tmp/new.pem

Enable HTTPS access and specify the SSL certificate to be used for authentication.

Specify the port on which HTTPS access is to be enabled—for example, TCP port 8443.

NOTE: You can enable HTTPS access on specified interfaces also. If you enable HTTPS without specifying an interface, HTTPS is enabled on all interfaces.

1.On the main Configuration page next to System, click Configure or Edit.

2.Select the Services check box and click Edit next to it.

3.Next to Web management, click Edit.

4.Select the Https check box and click Edit next to it.

5.In the Local certificate box, type the name of the certificate—for example, new.

6.In the Port box, type 8443.

7.Click OK.

From the [edit system] hierarchy level, enter

set services web-management https local-certificate new port 8443

Verifying Secure Web Access

To verify that the Services Router has the secure access settings you configured, perform the following tasks:

■Displaying an SSL Certificate Configuration on page 158

■Displaying a Secure Access Configuration on page 159

Verifying Secure Web Access ■ 157

Image 179

Juniper Networks J2320 Verifying Secure Web Access, Task, Set certificates local new load-key-filepath, Var/tmp/new.pem

Contents

Getting Started Guide Software License End User License Agreement IiiPage Abbreviated Table of Contents Page Table of Contents Chapter PIM and VoIP Module Overview Viii Table of Contents 101 Part Installing a Services Router 129 115 173 Part Maintaining Services Router Hardware151 161 215 Xii Table of Contents211 245 Part Series Requirements and Specifications225 Part Xiv Table of Contents Objectives About This GuideObjectives Audience Series Tasks Location of Instruction How to Use This GuideXvi How to Use This Guide Location of J-series Information Text and Syntax Conventions Document Conventions Web GUI Conventions Related Juniper Networks Documentation Related Juniper Networks Documentation Series Guides and Related Junos Software PublicationsGetting Started Guide for Your Router Xx Related Juniper Networks Documentation Series Services Router Administration GuideChapter in a J-series Guide Documentation Feedback Documentation FeedbackRequesting Support Page Series Overview Series OverviewPage Overview of Services Routers J2320 Services Router Overview J2320 Services Router OverviewJ2350 Services Router Overview J4350 Services Router Overview J4350 Services Router OverviewOverview of Services Routers J6350 Services Router Overview J6350 Services Router Overview Series Software Features and Licenses Series Software Features and LicensesSummary of J-series Features and License Requirements Feature Category Series Feature Separate License Management RoutingMulticast IP Address Encapsulation Ethernet Traffic Analysis SecurityVoice Support High Availability Monitoring AdministrationPage System Overview J2320 and J2350 Services Router Hardware FeaturesJ2320 and J2350 Services Router Hardware Features J2320 and J2350 Chassis 14 J2320 and J2350 Services Router Hardware Features Rear of J2320 Chassis Front of J2350 Chassis J2320 Hardware Components Rear of J2350 DC-Powered Chassis Description Value J2320 and J2350 Physical Specifications J2320 and J2350 Routing Engine Hardware 18 J2320 and J2350 Services Router Hardware FeaturesJ2320 and J2350 Midplane J2320 and J2350 Front Panel J2320 and J2350 Boot Devices Physical Interface Modules PIMs Power Button and Power LED20 J2320 and J2350 Services Router Hardware Features Color State Description J2320 and J2350 Power LEDJ2320 and J2350 Status LED 22 J2320 and J2350 Services Router Hardware Features Reset Config ButtonJ2320 and J2350 Alarm LED Gigabit Ethernet Port LEDs Built-In Gigabit Ethernet PortsConsole Port AUX Port J2320 and J2350 External Compact Flashes J2320 Power SystemJ2350 Power System 24 J2320 and J2350 Services Router Hardware Features J2320 and J2350 Cooling System 26 J4350 and J6350 Services Router Hardware Features J4350 and J6350 Services Router Hardware Features J4350 and J6350 Chassis J4350 and J6350 Services Router Hardware Features Front of J4350 and J6350 Chassis Rear of J4350 AC-Powered Chassis Rear of J4350 DC-Powered Chassis 30 J4350 and J6350 Services Router Hardware Features J4350 and J6350 Physical Specifications J4350 and J6350 Routing Engine Hardware J4350 and J6350 Boot DevicesJ4350 and J6350 Midplane J4350 and J6350 Front Panel 32 J4350 and J6350 Services Router Hardware Features Power LED Slot Number Diagram on Front Panel Status LED Alarm LED34 J4350 and J6350 Services Router Hardware Features HA LED 36 J4350 and J6350 Services Router Hardware Features J4350 Power System State Description J6350 Power SystemPower Supply LED J4350 and J6350 Cooling System 38 J4350 and J6350 Services Router Hardware Features Software Overview Software Overview Junos Software Processes Routing Engine and Packet Forwarding EngineKernel and Microkernel Process Name Description User InterfacesJunos Software Processes Software Overview PIM and VoIP Module Overview PIM and VoIP Module Terms PIM and VoIP Module TermsPIM and VoIP Module Terms Term Definition Dialer filter PIM and VoIP Module Overview Field-Replaceable PIMs Field-Replaceable PIMsJ2320 and J2350 Field-Replaceable PIM Summary J2320 and J2350 Field-Replaceable PIM Summary J4350 and J6350 Field-Replaceable PIM Summary J4350 and J6350 Field-Replaceable PIM Summary Fe-1/0/0 Port, 6-Port, 8-Port, and 16-Port Gigabit Ethernet uPIMsT3-0/0/0 E3-2/0/0 Port Gigabit Ethernet uPIM PIM and VoIP Module Overview Parameter 1000Base-SX Transceiver 1000Base-LX Transceiver Port Gigabit Ethernet ePIMsOptical Interface Support for SFP Gigabit Ethernet uPIMs Copper Gigabit Ethernet ePIM Optical Interface Support for SFP Gigabit Ethernet ePIM Dual-Port Serial PIM Dual-Port Serial PIM Color State Description Dual-Port T1 or E1 PIMStatus LEDs for Serial Ports Status LEDs for T1 and E1 Ports Dual-Port Channelized T1/E1/ISDN PRI PIM Channelized T1/E1/ISDN PRI PIM Label Color State Description T3 or E3 PIMLEDs for Channelized T1/E1/ISDN PRI PIMs Status LEDs for T3 and E3 Ports E3 PIM LEDs for Dual-Port Fast Ethernet PIM Dual-Port Fast Ethernet PIM Port Fast Ethernet ePIM Port Fast Ethernet ePIM LEDs for 4-Port Fast Ethernet ePIM Port Isdn BRI PIMs Online LEDs for Isdn BRI S/T and U PIMs LEDs for Adsl PIMs Adsl 2/2+ Annex a PIM Shdsl PIM Avaya VoIP Modules Avaya VoIP ModulesAvaya VoIP Module Summary LEDs for G.SHDSL PIMs Also Called This PIM Numbering Chassis Type-pim/0/port J2320 and J2350 Avaya VoIP Module SummarySample Interface Software Release for Slot and Port Maximum Number on Also Called TGM550 Telephony Gateway ModuleJ4350 and J6350 Avaya VoIP Module Summary TGM550 Telephony Gateway Module Additional Information Hardware or Feature TGM550 Maximum CapacityTGM550 Maximum Media Gateway Capacities ALM LEDs for TGM550 Gateway Module TIM510 E1/T1 Telephony Interface Module TIM510 E1/T1 Telephony Interface Module LEDs for TIM510 TIM514 Analog Telephony Interface Module LEDs for TIM514 TIM514 Possible Port ConfigurationsTIM521 BRI Telephony Interface Module LEDs for TIM521 TIM521 BRI Telephony Interface Module PIM and VoIP Module Overview Page User Interface Overview Services Router User Interface OverviewUser Interface Overview Web Overview Before You Begin CLI OverviewBefore You Begin Starting the J-Web Interface Using the J-Web InterfaceServices Router User Interface Overview Using the J-Web Interface Web Layout Web Layout Top Pane Elements Elements of the J-Web Interface Main Pane Elements Main Pane Elements Side Pane Elements Navigating the J-Web Interface Function Button Navigating the Quick Configuration PagesNavigating the J-Web Configuration Editor Web Quick Configuration Buttons Getting J-Web Help Key J-Web Edit Configuration Buttons CoS Help Web Sessions Using the Command-Line Interface Using the Command-Line InterfaceCLI Command Hierarchy Starting the CLI CLI Operational Mode CLI Configuration Mode Editing Keystrokes CLI Basics Task Category Action Keyboard Sequence Command CompletionCLI Editing Keystrokes Online Help Help Commands Configuring the CLI Environment Configuring the CLI Environment Vt100 Set cli screen-widthSet cli terminal AnsiPage Installing a Services Router Installing a Services RouterPage General Site Guidelines Preparing for Router InstallationGeneral Site Guidelines Rack Requirements Rack RequirementsRack Size and Strength for J2320 and J2350 Routers Connection to Building Structure Preparing for Router InstallationRack Size and Strength for J4350 and J6350 Routers Router Environmental Tolerances Fire Safety RequirementsRouter Environmental Tolerances Fire Suppression Fire Suppression Equipment Power Guidelines, Requirements, and SpecificationsPower Guidelines, Requirements, and Specifications Radio Frequency Interference Site Electrical Wiring GuidelinesRouter Power Requirements Signaling Limitations Specification AC Power, Connection, and Power Cord Specifications Country Electrical Specifications Plug Standards DC Power, Connection, and Power Cable SpecificationsAC Power Cord Specifications Preparing for Router Installation Name Model Number Planning for Power ManagementSeries PIM Power Consumption and Heat Dissipation Tokens Junos CLI Power 1xE3 2xE12xT1 2xCT1E1 / PRI Site Preparation Checklist Network Cable SpecificationsSite Preparation Checklist Maximum Power and Heat Capacities of J-series Models Site Preparation Checklist Page Installing and Connecting a Services Router Unpacking a J-series Services Router Unpacking a J-series Services Router Installing J2320 and J2350 Routers Installing J2320 and J2350 RoutersInstalling and Connecting a Services Router Installing J4350 and J6350 Routers Installing J4350 and J6350 Routers Installing the Mounting Brackets Attaching Center Screw to the Rack Chassis Grounding Connecting Interface Cables to Services RoutersConnecting Interface Cables to Services Routers Connecting Power Connecting PowerConnecting AC Power Connecting AC Power to the J2320 Services Router Connecting AC Power to the J2350 Services Router Connecting DC Power VDC and RTN Connecting DC Power to the J2350 Services Router Powering a Services Router On and Off Powering a Services Router On and OffPage Basic Connectivity Terms Establishing Basic ConnectivityBasic Connectivity Terms Basic Connectivity Terms Basic Connectivity Overview Basic Connectivity OverviewRouter Identification Establishing Basic Connectivity Root PasswordTime Zone and System Time Loopback Address Network SettingsDefault Gateway Backup Router Built-In Ethernet Interface Address Management Access Configuration Guide for Common Criteria and JUNOS-FIPS Connecting to a Services Router Connecting to a Services RouterConnecting to the J-Web Interface Connecting to a Services Router COM1 Connecting to the CLI Locally Connecting to the Console Port on J2320 and J2350 Routers Configuring the Modem at the Router End Connecting to the CLI Remotely Connecting the Modem to the Console Port Configuring Basic Settings with J-Web Quick Configuration Configuring Basic Settings with J-Web Quick ConfigurationConnecting to the CLI at the User End Set Up Quick Configuration Time Set Up Quick Configuration SummaryField Function Your Action Identification Ge-0/0/0 Address Set Up Quick Configuration SummaryField Function Network Sample Settings on a Services Router Configuring Basic Settings with a Configuration Editor Configuring Basic Settings Set name-server Task Web Configuration Editor CLI Configuration EditorSet backup router address Set ntp server Set ge-0/0/0 unit 0 family inet address 192.168.1.1/24 Verifying Basic ConnectivityGe-0/0/0 Delete ge-0/0/0 unit 0 family inet address Displaying Basic Connectivity Configurations Displaying Basic Connectivity ConfigurationsPage Secure Web Access Terms Configuring Secure Web AccessSecure Web Access Terms Secure Web Access Terms Secure Web Access Overview Secure Web Access Overview Generating SSL Certificates Configuring Secure Web AccessConfiguring Secure Web Access Quick Configuration Secure Access Certificates Secure Access Quick Configuration SummaryHttp Web Access Https Web Access Configuring Secure Web Access with a Configuration Editor Configuring Secure Web Access with a Configuration EditorSecure Access Quick Configuration Summary Configuring a Secure Web Access Set certificates local new load-key-filepath Verifying Secure Web AccessVerifying Secure Web Access Task Displaying an SSL Certificate Configuration Displaying an SSL Certificate Configuration Displaying a Secure Access Configuration Displaying a Secure Access ConfigurationPage Series License Overview Installing and Managing J-series LicensesSoftware Feature Licenses Series Services Router Software Feature Licenses BGP Route Reflectors License Key Components Summary of License Management Fields Feature SummaryManaging J-series Licenses with the J-Web Interface Adding New Licenses with the J-Web Interface Installed Licenses Managing J-series Licenses with the CLI Deleting Licenses with the J-Web InterfaceDisplaying License Keys with the J-Web Interface Downloading Licenses with the J-Web Interface Saving License Keys with the CLI Deleting a License with the CLI Verifying J-series License Management Verifying J-series License Management Displaying Installed Licenses Displaying Installed Licenses Displaying License Usage Displaying License UsagePage Maintaining Services Router Hardware Maintaining Services Router HardwarePage Tools and Parts Required Replacing Hardware ComponentsTools and Parts Required Tools and Parts Required Replacing the Console Port CableReplacing a PIM Removing a PIM Replacing a PIM Replacing Hardware Components Installing a PIM Installing a PIM Replacing PIM Cables Installing PIM CablesReplacing PIM Cables Removing PIM Cables User@host request chassis fpc slot pim-slotonline To replace the cover on the J2320 and J2350 chassis Matching the Chassis Slots and Tabs Location of J2320 and J2350 Internal Compact Flash Removing the J2320 or J2350 Internal Compact Flash Location of J4350 and J6350 Compact Flash Page Removing the J4350 or J6350 Compact Flash Replacing External Compact Flashes Replacing External Compact Flashes Replace the compact flash slot cover Replacing USB Storage Devices Replacing USB Storage DevicesRemoving the USB Storage Device Installing the USB Storage Device Replacing Dram Modules Replacing Dram Modules J4350 and J6350 Dram Location Removing a Dram Module Installing or Replacing Dram Modules Installing a Dram Module Replacing Power System Components Replacing Power System ComponentsReplacing AC Power Supply Cords Removing an AC Power Supply from J6350 Routers Removing an AC Power Supply Installing an AC Power Supply in J6350 Routers Installing an AC Power Supply Replacing DC Power Supply Cables Removing a DC Power Supply Removing a DC Power Supply Installing a DC Power Supply VDC and RTN Installing a DC Power Supply Removing a J2320 or J2350 Crypto Module Removing a J2320 or J2350 Crypto Accelerator Module Installing a J2320 or J2350 Crypto Accelerator Module Installing a J2320 or J2350 Crypto Accelerator Module User@host show chassis hardware Removing a J4350 or J6350 Crypto Accelerator Module Removing a J4350 or J6350 Crypto Module Screw Installing a J4350 or j6350 Crypto Accelerator Module User@host show chassis hardware Replacing Air Filters on J2350 Routers Replacing Air Filters on J2350 Routers Replacing Air Filters on J4350 and J6350 Routers Replacing Air Filters on J4350 and J6350 Routers Attaching Air Filter and Filter Cover Page Component Alarm Conditions Corrective Action Alarm Severity Troubleshooting Hardware ComponentsChassis Alarm Conditions Chassis Alarm Conditions and Corrective Actions Troubleshooting Power Management Troubleshooting Power Management User@host show chassis fpc Troubleshooting Hardware Components Contacting the Juniper Networks Technical Assistance Center Contacting the Juniper Networks Technical Assistance Center Locating Component Serial Numbers Contacting Customer Support and Returning HardwareLocating Component Serial Numbers Location of the Serial Number ID Labels J2320 and J2350 Chassis Serial Number and Agency Labels Contacting Customer Support and Returning Hardware J4350 and J6350 Chassis Serial Number and Agency Labels Contacting Customer Support Power Supply Serial Number LabelsPIM Serial Number Label Contacting Customer Support Information You Might Need to Supply to Jtac Return ProcedureReturn Procedure Packing a Router or Component for Shipment Packing the Services Router for ShipmentPacking a Router or Component for Shipment Tools and Parts Required Packing Components for Shipment Page Series Requirements and Specifications Series Requirements and SpecificationsPage Serial PIM Cable Specifications Network Cable Specifications and Connector PinoutsSerial PIM Cable Specifications Port Serial PIM Cables and Connectors RS-232 DTE Cable Pinout LFH-60 Pin DB-25 Pin LFH-60 Pairing DescriptionRS-232 DTE Cable Pinout RS-422/449 EIA-449 DTE Cable Pinout RS-232 DCE Cable PinoutRS-422/449 EIA-449 DTE Cable Pinout RS-232 DCE Cable Pinout Send Data a RS-422/449 EIA-449 DCE Cable Pinout RS-422/449 EIA-449 DCE Cable Pinout EIA-530A DTE Cable Pinout EIA-530A DTE Cable Pinout EIA-530A DCE Cable Pinout EIA-530A DCE Cable Pinout 35 DTE Cable Pinout LFH-60 Pin 34 Pin LFH-60 Pairing DescriptionDTE Cable Pinout 21 DTE Cable Pinout LFH-60 Pin DB-15 Pin LFH-60 Pairing DescriptionDCE Cable Pinout 35 DCE Cable Pinout 21 DCE Cable Pinout Gigabit Ethernet uPIM RJ-45 Connector Pinout Fast Ethernet RJ-45 Connector PinoutGigabit Ethernet uPIM RJ-45 Connector Pinout Fast Ethernet RJ-45 Connector Pinout Gigabit Ethernet ePIM RJ-45 Connector Pinout Gigabit Ethernet ePIM RJ-45 Connector PinoutGigabit Ethernet ePIM RJ-45 Connector Pinouts Pin Signal Name E1 and T1 RJ-48 Cable Pinouts RJ-45 Chassis Console Connector PinoutDB-9 Console Connector Pinout 238 E1 and T1 RJ-48 Cable Pinouts RJ-48 Connector to RJ-48 Connector Straight PinoutRJ-48 Connector to RJ-48 Connector Crossover Pinout RJ-48 Connector to DB-15 Connector Crossover Pinout RJ-48 Connector to DB-15 Connector Straight Pinout PinSignal E3 and T3 BNC Connector PinoutAdsl and G.SHDSL RJ-11 Connector Pinout Adsl and G.SHDSL RJ-11 Connector Pinout Isdn RJ-45 Connector Pinout Isdn RJ-45 Connector PinoutConnector Pinouts for Avaya VoIP Modules Isdn RJ-45 Connector Pinout TGM550 RJ-45 Pin Signal Terminal DB-9 Pins TGM550 RJ-11 Connector Pinout for Analog PortsTGM550 RJ-45 Console Connector Pinouts TGM550 RJ-11 Connector Pinout TIM510 RJ-45 Connector Pinout TIM510 RJ-45 Connector PinoutTIM514 Connector Pinout TIM521 Connector Pinout TIM521 RJ-45 Connector Pinout Definition of Safety Warning Levels Safety and Regulatory Compliance InformationDefinition of Safety Warning Levels Page Safety Guidelines and Warnings Safety Guidelines and WarningsGeneral Safety Guidelines and Warnings Safety and Regulatory Compliance Information Qualified Personnel Warning Preventing Electrostatic Discharge Damage Electrical Safety Guidelines and Warnings General Electrical Safety Guidelines Power Cable Warning Japanese AC Power Electrical Safety Guidelines Power Sources for Redundant Power Supplies DC Power Electrical Safety Guidelines DC Power Disconnection Warning DC Power Grounding Requirements and Warning Varten 48 V, +RTN varten +RTN, maajohto maajohtoon DC Power Wiring Sequence Warning DC Power Wiring Terminations Warning Page Grounded Equipment Warning Case of Electrical Accident Multiple Power Supplies Disconnection Warning Power Disconnection Warning TN Power Warning Telecommunication Line Cord Warning Chassis Lifting Guidelines Installation Safety Guidelines and Warnings Rack-Mounting Requirements and Warnings Installation Instructions Warning Safety and Regulatory Compliance Information Safety Guidelines and Warnings Safety and Regulatory Compliance Information Ramp Warning Class 1 Laser Product Warning Laser and LED Safety Guidelines and WarningsGeneral Laser Safety Guidelines Laser Beam Warning Class 1 LED Product Warning Radiation from Open Port Apertures Warning Page Battery Handling Warning Maintenance and Operational Safety Guidelines and Warnings Jewelry Removal Warning Safety and Regulatory Compliance Information Lightning Activity Warning Operating Temperature Warning Product Disposal Warning Agency Approvals Agency Approvals Compliance Statements for Environmental Requirements Lithium BatteryCompliance Statements for Environmental Requirements Compliance Statements for EMC Requirements Compliance Statements for EMC Requirements Canada European Community Preceding translates as follows Japan FCC Part 68 Statement United StatesFCC Part 15 Statement Safety and Regulatory Compliance Information Page Index IndexPage Symbols Analog telephone Line ports Junos CLI See also LEDs 253 Eprom Glossary 117 J2350 T3 PIM TX/RX Adsl AUX Power system Connecting 123 Fan Number 219 Establishing software connectivity 129 SSH See also Junos CLI EMI