Manuals / Juniper Networks / Computer Equipment / Network Card

Juniper Networks SRX 210 manual Understanding Management Access

Models: SRX 210

1 200
Download 200 pages 27.83 Kb
Page 123
Image 123
■JUNOS Software Interfaces and Routing Configuration Guide

Chapter 16: Performing Initial Software Configuration on the SRX210 Services Gateway

Table 38 on page 103 shows the mapping of the chassis cluster ports.

Table 38: Mapping the Chassis Cluster Ports on an SRX210 Services Gateway

Ethernet Ports on SRX210 Services Gateway

Management Interface

fe-0/0/6

fxp0 (management port)

fe-0/0/7

fxp1 (control port)

JUNOS Software automatically creates the fxp0 and fxp1 interfaces on these ports when the SRX210 Services Gateway is operating in chassis cluster mode.

For more information, see the following guides:

JUNOS Software Interfaces and Routing Configuration Guide

JUNOS Software Security Configuration Guide

Understanding Management Access

Telnet allows you to connect to the services gateway and access the CLI to execute commands from a remote system. The Telnet CLI connections are not encrypted and therefore can be intercepted.

NOTE: Telnet access to the root user is prohibited. You must use more secure methods, such as SSH, to log in as root.

SSH provides the following features:

Allows you to connect to the device and access the CLI to execute commands from a remote system

Encrypts traffic so that it cannot be intercepted (unlike Telnet)

Can be configured so that connections are authenticated by a digital certificate

Uses public–private key technology for both connection and authentication

The SSH client software must be installed on the machine where the client application runs. If the SSH private key is encrypted (for greater security), the SSH client must be able to access the passphrase used to decrypt the key.

For information about obtaining SSH software, see http://www.ssh.com and

http://www.openssh.com.

If you are using a JUNOScript server to configure and monitor devices, you can activate cleartext access on the device to allow unencrypted text to be sent directly over a Transmission Line Protocol (TCP) connection without using any additional protocol (such as SSH, SSL, or Telnet). For more information about the JUNOScript application programming interface (API), see the JUNOScript API Guide.

SRX210 Services Gateway Software Configuration Overview 103

Page 122 Page 124
Page 123
Image 123
Juniper Networks SRX 210 manual Understanding Management Access, JUNOS Software Interfaces and Routing Configuration Guide
Page 122 Page 124