Manuals / Juniper Networks / Computer Equipment / Network Card

Juniper Networks SRX 210 manual SRX210 Services Gateway Hardware Guide

Models: SRX 210

1 200

Download 200 pages 27.83 Kb

Page 132

SRX210 Services Gateway Hardware Guide

transmitted between the Web browser and the services gateway by means of HTTP is vulnerable to interception and attack. To enable secure Web access, the services gateway supports HTTP over Secure Sockets Layer (HTTPS). You can enable HTTP or HTTPS access on specific interfaces and ports as needed.

The services gateway uses the SSL protocol to provide secure management of services gateways through the J-Web. SSL uses public-private key technology that requires a paired private key and an authentication certificate for providing the SSL service.

SSL encrypts communication between your device and the Web browser with a session key negotiated by the SSL server certificate.

An SSL certificate includes identifying information such as a public key and a signature made by a certificate authority (CA). When you access the services gateway through HTTPS, an SSL handshake authenticates the server and the client and begins a secure session. If the information does not match or if the certificate has expired, your access to the services gateway through HTTPS is restricted.

Without SSL encryption, communication between your services gateway and the browser is sent in the open and can be intercepted. We recommend that you enable HTTPS access on your WAN interfaces.

For more information about configuring secure Web access, see the JUNOS Software Administration Guide.

Related Topics ■ SRX210 Services Gateway Software Configuration Overview on page 101

■Performing Initial Software Configuration on the SRX210 Services Gateway Using the CLI on page 104

■Performing Initial Software Configuration on the SRX210 Services Gateway Using the J-Web Interface on page 107

112■ SRX210 Services Gateway Secure Web Access Overview

Image 132

Juniper Networks SRX 210 manual SRX210 Services Gateway Hardware Guide, SRX210 Services Gateway Secure Web Access Overview

Contents

SRX210 Services Gateway Hardware GuideJuniper Networks, Inc Revision PublishedSRX210 Services Gateway Hardware Guide Copyright 2010, Juniper Networks, IncEND USER LICENSE AGREEMENT 7. Ownership. Juniper and Juniper’s licensors, respectively, retain ownership of all right, title, and interest including copyright in and to the Software, associated documentation, and all copies of the Software. Nothing in this Agreement constitutes a transfer or conveyance of any right, title, or interest in the Software or associated documentation, or a sale of the Software, associated documentation, or copies of the Software Page Page Table of Contents SRX210 Services Gateway OverviewPart SRX210 Services Gateway 3G ExpressCard SRX210 Services Gateway Power over Ethernet SupportSRX210 Services Gateway with Integrated Convergence ServicesSetting Up the SRX210 Services Gateway Clearance Requirements for Airflow and Hardware Maintenance of theSRX210 Services Gateway Safety Requirements, Warnings, and Adjusting the Power Supply Adapter Tray for the SRX210 ServicesChapter Maintaining and Monitoring the SRX210 Services Gateway HardwareAppendixes PartAppendix B Index Table of ContentsTable of Contents PartSRX210 Services Gateway Hardware Guide xiv Table of ContentsAbout This Guide ObjectivesAudience Documentation Conventionsyou substitute a value in commands or configuration statementsJunos System Basics Configuration Guide Table 1 Notice IconsSRX Series Documentation and Release Notes CancelTable 2 Text and Syntax Conventions continued string1 string2 string3Obtaining Documentation Documentation FeedbackRequesting Technical Support Self-Help Online Tools and ResourcesOpening a Case with JTAC You can open a case with JTAC on the Web or by telephoneSRX210 Services Gateway Hardware Guide xx Requesting Technical SupportSRX210 Services Gateway Overview PartSRX210 Services Gateway Hardware Guide 2 SRX210 Services Gateway OverviewIntroduction to the SRX210 Services Gateway SRX210 Services Gateway DescriptionAbout the SRX210 Services Gateway SRX210 Services Gateway ModelsAccessing the SRX210 Services Gateway SRX210 Services Gateway Hardware FeaturesTable 4 SRX210 Services Gateway Hardware Features continued Related Topics SRX210 Services Gateway Description on page SRX210 Services Gateway Specifications on pageSRX210 Services Gateway Hardware Guide 6 SRX210 Services Gateway Hardware FeaturesSRX210 Services Gateway Hardware Components and Specifications SRX210 Services Gateway SpecificationsChapter Figure 1 SRX210 Services Gateway with Integrated Convergence Services Figure 2 SRX210 Services GatewayTable 5 SRX210 Services Gateway Specifications Chassis heightTable 5 SRX210 Services Gateway Specifications continued m for SRX210 Services Gateway with IntegratedNOTE These specifications are estimates and subject Convergence Services 232 BTU/hour ExcludingSRX210 Services Gateway Front Panel Figure 3 SRX210 Services Gateway Front PanelSRX210 Services Gateway Back Panel Table 6 SRX210 Services Gateway Front Panel ComponentsFigure 4 SRX210 Services Gateway Back Panel Table 7 SRX210 Services Gateway Back Panel Components Power supply pointCable tie holder Grounding pointPanel SRX210 Services Gateway Built-In Interfaces g031102Table 10 SRX210 Services Gateway Built-In Hardware Interfaces Consist of two fixed portsUniversal Serial Bus USB Related Topics SRX210 Services Gateway Specifications on page SRX210 Services Gateway LEDs Front Panel LEDsTable 11 SRX210 Services Gateway Front Panel Components LEDs Power button has been pressed and quicklyEthernet Port LEDs Figure 8 SRX210 Services Gateway Ethernet Port LEDsVoice Interface Port LED Figure 9 SRX210 Services Gateway Voice Interface Port LEDs Table 13 SRX210 Services Gateway Voice Interface Port LEDsBoot Devices Dual-Root Partitioning SchemeSRX210 Services Gateway Cooling System SRX210 Services Gateway Cooling System Air flowRear FrontSRX210 Services Gateway Power Supply g031171Figure 12 SRX210 Services Gateway - 48 V Power Supply Figure 13 SRX210 Services Gateway - 54 V Power SupplySRX210 Services Gateway Power Supply N17908SRX210 Services Gateway Cooling System on page Monitoring the SRX210 Services Gateway Power System on pageSRX210 Services Gateway Hardware Guide 28 SRX210 Services Gateway Power SupplySRX210 Services Gateway 3G ExpressCard SRX210 Services Gateway 3G ExpressCard OverviewIntroduction Supported Modem TypesUsing the 3G ExpressCard Key FeaturesPhysical Specifications Table 15 3G ExpressCard Physical Specifications continued Voltage supply3.3V primary sourceSRX210 Services Gateway 3G ExpressCard Basic CLI Commands Figure 14 Installing 3G ExpressCard in the SRX210 Services GatewayTable 16 SRX210 Services Gateway 3G ExpressCard Basic CLI Commands Page SRX210 Services Gateway Power over Ethernet Support SRX210 Services Gateway PoE OverviewChapter IntroductionPoE Classes and Power Ratings Table 17 SRX210 Services Gateway PoE Specifications continuedConfiguring PoE Functionality on the SRX210 Services Gateway Table 18 PoE Classes and Power Ratings on the SRX210 Services GatewaySRX210 Services Gateway Hardware Guide 38 Configuring PoE Functionality on the SRX210 Services GatewaySRX210 Services Gateway with Integrated Convergence Services ChapterSupported Features Basic FunctionsCommon Deployment Scenarios SIP phones Table 19 SRX210 Services Gateway Integrated Convergence Services Interoperability continuedRelated Topics SRX210 Services Gateway Hardware Guide SRX210 Services Gateway Mini-Physical Interface Modules SRX210 Services Gateway Mini-Physical Interface ModulesChapter SRX210 Services Gateway Hardware Guide 46 SRX210 Services Gateway Mini-Physical Interface ModulesSetting Up the SRX210 Services Gateway PartSRX210 Services Gateway Hardware Guide 48 Setting Up the SRX210 Services GatewayPreparing the Site for the SRX210 Services Gateway Installation Site Preparation Checklist for the SRX210 Services GatewayChapter Table 20 Site Preparation Checklist for the SRX210 Services Gateway Installation continuedRack Installation Cabinet InstallationGeneral Site Guidelines for Installing the SRX210 Services Gateway SRX210 Services Gateway Cabinet RequirementsGeneral Site Guidelines for Installing the SRX210 Services Gateway SRX210 Services Gateway Rack Requirements Table 21 SRX210 Services Gateway Cabinet RequirementsTable 22 Rack Requirements for the Services Gateway Table 23 Clearance Requirements for the Services Gateway SRX210 Services Gateway Electrical and Power Requirements SRX210 Services Gateway Hardware Guide 56 SRX210 Services Gateway Electrical and Power RequirementsInstallation Overview for the SRX210 Services Gateway Installation Overview for the SRX210 Services GatewayTable 24 Installation Process Order for the SRX210 Services Gateway ChapterPage Services Gateway to the Power Services Gateway” on pageChapter “Packing the SRX210 Services Gateway continuedGateway and Components for Unpacking the SRX210 Services Gateway Unpacking the SRX210 Services GatewayVerifying Parts Received with the SRX210 Services Gateway ChapterTable 26 Parts List for a Fully Configured SRX210 Services Gateway Table 27 Accessory Parts List for the SRX210 Services GatewaySecurity Products Safety Guide Quick Start GuideJuniper Compliance Form Letter Product RegistrationSRX210 Services Gateway Hardware Guide 64 Verifying Parts Received with the SRX210 Services GatewayPreparing the SRX210 Services Gateway for Installation ChapterPreparing the SRX210 Services Gateway for Rack-Mount Installation Preparing the SRX210 Services Gateway for Desk-Mount Installation Preparing the SRX210 Services Gateway for Wall-Mount Installation SRX210 Services Gateway” on pageInstalling the SRX210 Services Gateway SRX210 Services Gateway Safety Requirements, Warnings, and GuidelinesSRX210 Services Gateway Installation ChapterInstalling the SRX210 Services Gateway in a Rack on page Installing the SRX210 Services Gateway in a Rack Chapter 12 Installing the SRX210 Services GatewayInstalling the SRX210 Services Gateway in a Rack To install the device in a rack 3. Place the power supply adapter in the tray as shown in Figure 19 on page Gateway in a Rack Installing the SRX210 Services Gateway on a Desk Installing the SRX210 Services Gateway on a Wall Gateway on DeskTable 32 SRX210 Services Gateway Wall Installation Parts Page Page SRX210 Services Gateway Hardware Guide Connecting, Grounding, and Powering On the SRX210 Services Gateway Connecting the SRX210 Services Gateway to the Power SupplyChapter Figure 25 Connecting the SRX210 Services Gateway to the Power Supply Page Grounding the SRX210 Services Gateway Figure 26 Grounding the SRX210 Services GatewayTable 33 Grounding Cable Specifications for the Services Gateway Powering On and Powering Off the SRX210 Services Gateway Powering On the SRX210 Services GatewayPowering Off the SRX210 Services Gateway Resetting the SRX210 Services Gateway SRX210 Services Gateway Hardware Guide 88 Resetting the SRX210 Services GatewaySRX210 Services Gateway Autoinstallation SRX210 Services Gateway Autoinstallation OverviewAdministration Guide ChapterSRX210 Services Gateway Hardware Guide 90 SRX210 Services Gateway Autoinstallation OverviewConnecting the SRX210 Services Gateway to Management Devices Connecting an SRX210 Services Gateway to the J-Web InterfaceChapter SRX210 Services Gateway Hardware Guide 92 Connecting an SRX210 Services Gateway to the J-Web InterfaceConnecting an SRX210 Services Gateway to the J-Web Interface g031118To connect to the Ethernet port Connecting an SRX210 Services Gateway to the CLI Locally Connecting an SRX210 Services Gateway to the CLI Remotely Table 34 Port Settings when Connecting to Console PortConnecting the Modem at the SRX210 Services Gateway End Page Connecting to the CLI at the User End for the SRX210 Services Gateway Table 36 Port Settings for Connecting CLI at User EndSRX210 Services Gateway Hardware Guide SRX210 Services Gateway Software Configuration Overview Preparing SRX210 Services Gateway for ConfigurationChapter Understanding Built-In Ethernet Ports Mapping the Chassis Cluster PortsUnderstanding Management Access JUNOS Software Interfaces and Routing Configuration GuideJUNOS Software Security Configuration Guide Configuration Guide for Common Criteria and JUNOS-FIPS configure edit root@#Retype new password password root# cli root@6. Configure an administrator account on the device 15. Check the configuration for validity 16. Commit the configuration to activate it on the device18. Commit the configuration to activate it on the device Establishing Basic Connectivity edit admin@host# commitedit admin@host# exit admin@host Configuring Basic System Properties Table 39 Basic Configuration Summary Device Identification continued Table 40 Basic Configuration Summary Management AccessSets the password that user root services gateway can use to resolvec. Under Logical Interfaces, click Add d. Under IPv4 Addresses and Prefixes, click AddSRX210 Services Gateway Secure Web Access Overview a. In the J-Web interface, select ConfigureRoutingStatic routingZones SRX210 Services Gateway Hardware Guide 112 SRX210 Services Gateway Secure Web Access OverviewMaintaining and Monitoring the SRX210 Services Gateway Hardware Maintaining the SRX210 Services Gateway Hardware Components on pageMonitoring the SRX210 Services Gateway on page Maintaining and Monitoring the SRX210 Services Gateway HardwareSRX210 Services Gateway Hardware Guide 114 Maintaining and Monitoring the SRX210 Services Gateway HardwareMaintaining the SRX210 Services Gateway Hardware Components Maintaining the SRX210 Services Gateway Hardware ComponentsChapter Site Preparation Checklist for the SRX210 Services Gateway on page Monitoring the SRX210 Services Gateway Monitoring Hardware Components on the SRX210 Services GatewayMonitoring the SRX210 Services Gateway Chassis Using the CLI show chassis environment show chassis fpc show chassis alarmsshow chassis hardware user@host show chassis hardwareshow chassis hardware detail user@host show chassis hardware detail SRX210 Services Gateway Hardware Guideshow chassis alarms user@host show chassis alarms show chassis environment user@host show chassis environmentshow chassis fpc user@host show chassis fpcMonitoring the SRX210 Services Gateway Components Using LEDs Table 43 Component LEDs on the Services GatewayTable 43 Component LEDs on the Services Gateway continued Monitoring the SRX210 Services Gateway Using Chassis Alarm Conditions port LED glows red blinkingAdministration Guide see the SRX Series Services Gateways forthe Branch Physical Interface Modules Actions continued chassis is too warmMonitoring the SRX210 Services Gateway Power System Table 45 Services Gateway Power LED StatusUsing the Reset Config Button on the SRX210 Services Gateway admin@host# set chassis config-button no-clear admin@host# set chassis config-button no-rescueadmin@host# set chassis config-button no-clear no-rescue Juniper Networks Technical Assistance Center Monitoring the SRX210 Services Gateway Power System on pageSRX210 Services Gateway Hardware Guide Juniper Networks Technical Assistance Center on pageAppendixes PartSRX210 Services Gateway Hardware Guide 130 AppendixesSafety and Regulatory Compliance Information SRX210 Services Gateway Definition of Safety Warning LevelsAppendix A Varoitus Tämä varoitusmerkki merkitsee vaaraa. Olet tilanteessa, joka voi johtaa ruumiinvammaan. Ennen kuin työskentelet minkään laitteiston parissa, ota selvää sähkökytkentöihin liittyvistä vaaroista ja tavanomaisista onnettomuuksien ehkäisykeinoista SRX210 Services Gateway General Safety Guidelines and Warnings General Safety Guidelines and WarningsQualified Personnel Warning Restricted Access Area Warning Preventing Electrostatic Discharge Damage to the Services Gateway Figure 29 Placing a Component into an Electrostatic Bag SRX210 Services Gateway Fire Safety Requirements SRX210 Services Gateway Installation Safety Guidelines and Warnings Installation Instructions WarningRack-Mounting Requirements and Warnings Jos telineessä ei ole muita laitteita, aseta laite telineen alaosaan Warnung Zur Vermeidung von Körperverletzung beim Anbringen oder Warten dieser Einheit in einem Gestell müssen Sie besondere Vorkehrungen treffen, um sicherzustellen, daß das System stabil bleibt. Die folgenden Richtlinien sollen zur Gewährleistung Ihrer Sicherheit dienen Appendix A Safety and Regulatory Compliance Information SRX210 Services Gateway Installation Safety Guidelines and WarningsSRX210 Services Gateway Laser and LED Safety Guidelines and Warnings Laser and LED Safety Guidelines and WarningsGeneral Laser Safety Guidelines Class 1 Laser Product WarningClass 1 LED Product Warning Laser Beam WarningRadiation from Open Port Apertures Warning Safety Guidelines and Warnings Battery Handling WarningJewelry Removal Warning Lightning Activity Warning Operating Temperature Warning Product Disposal Warning Appendix A Safety and Regulatory Compliance InformationSRX210 Services Gateway Electrical Safety Guidelines and Warnings General Electrical Safety Guidelines and WarningsIn Case of Electrical Accident SRX210 Services Gateway Agency Approvals SRX210 Services Gateway Compliance Statements for EMC Requirements For the SRX210 Services Gateway Low Memory and High Memory ModelsCanada European CommunityUnited States CanadaEuropean Community JapanSRX210 Services Gateway Compliance Statements for Acoustic Noise Lithium BatteryUnited States SRX210 Services Gateway Agency Approvals on page SRX210 Services Gateway Hardware Guide 156 SRX210 Services Gateway Compliance Statements for Acoustic NoiseSRX210 Services Gateway Power Guidelines, Requirements, and SpecificationsSRX210 Services Gateway Site Electrical Wiring Guidelines Appendix BSRX210 Services Gateway Power Specifications and Requirements SRX210 Services Gateway Grounding Specifications Table 48 Grounding Cable Specifications for the Services GatewayPage SRX210 Services Gateway Interface Cable Specifications and Connector PinoutsAppendix C RJ-45 Connector Pinouts for the SRX210 Services Gateway Ethernet Port Figure 30 Ethernet Cable Connector RJ-45RJ-45 Connector Pinouts for the SRX210 Services Gateway Console Port Figure 31 Console Cable ConnectorTable 52 RJ-45 Connector Pinouts for Services Gateway Console Port Table 53 RJ-11 Connector Pinouts Related Topics Interface Cable and Wire Specifications for the SRX210 Services Gateway on page SRX210 Services Gateway Hardware Guide Contacting Customer Support and Returning the SRX210 Services Gateway Return Procedure for the SRX210 Services GatewayHardware Appendix DPage SRX210 Services Gateway Chassis Serial Number and Agency Labels Figure 32 Location of SRX210 Serial Number and Agency LabelsContacting Customer Support to Obtain Return Materials Authorization Contacting Customer SupportPacking the SRX210 Services Gateway and Components for Shipment Packing the Services GatewayPacking the Components for Shipment Index PartIndex on page IndexSRX210 Services Gateway Hardware Guide 174 IndexSymbols AT modem commandIndex environmental specifications connecting through J-WebForeign Exchange Office FXO interface Page services gateway SRX210 Services Gatewaychassis console port wire specifications wirelesswall mount preparingSRX210 Services Gateway Hardware Guide 180 Index