Establishing Basic Connectivity. Juniper Networks J2320, J2350, J4350, J6350
Add to My manuals330 Pages
advertisement
Chapter 7
Establishing Basic Connectivity
The JUNOS software is preinstalled on the Services Router. When the router is powered on, it is ready to be configured. If the router does not have a configuration from the factory or your service provider, you must configure the software to establish basic connectivity.
If you are setting up a Services Router for the first time, you can use either J-Web
Quick Configuration or a configuration editor to configure basic connectivity. For a brief explanation of J-Web Quick Configuration and the J-Web and CLI configuration
editors, see “Services Router User Interface Overview” on page 79.
If you are setting up many Services Routers, autoinstallation can help automate the configuration process. For more information about autoinstallation, see the J-series
Services Router Administration Guide.
This chapter contains the following topics. For more information about basic connectivity, see the JUNOS System Basics Configuration Guide.
■
■
■
Basic Connectivity Terms on page 129
Basic Connectivity Overview on page 130
■
■
■
■
Connecting to a Services Router on page 135
Configuring Basic Settings with J-Web Quick Configuration on page 141
Configuring Basic Settings with a Configuration Editor on page 145
Verifying Basic Connectivity on page 148
Basic Connectivity Terms
Before configuring basic connectivity, become familiar with the terms defined in
Table 54: Basic Connectivity Terms
Term
domain name
Definition
Name that identifies the network or subnetwork of a router.
Basic Connectivity Terms
■ 129
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
Table 54: Basic Connectivity Terms (continued)
Term
Dynamic Host Configuration Protocol (DHCP) gateway hostname loopback address
Network Time Protocol (NTP) root user secure shell (SSH)
Telnet
Definition
Protocol for assigning dynamic IP addresses to devices on a network.
Packets destined for IP addresses not identified in the routing table are sent to the default gateway.
Unique name that identifies a router on the network.
IP address of a Services Router on logical interface lo0.0 that is always active and available to external hosts and as the source address for outgoing packets.
Protocol that provides a reliable way of synchronizing the system time of a router.
A superuser or system administrator who can perform any task in the file system.
Protocol that provides a secured method of logging in to a remote network system.
Software that allows a computer to act as a remote terminal on a network system.
Basic Connectivity Overview
To connect your Services Router to the network and establish basic connectivity, you enter information about your network. This overview contains the following topics:
■
■
Router Identification on page 130
■
■
■
■
■
■
■
Time Zone and System Time on page 131
Built-In Ethernet Interface Address on page 133
Router Identification
The domain name defines the network or subnetwork that the Services Router belongs to. The hostname refers to the specific machine, while the domain name is shared
130 ■
Basic Connectivity Overview
Chapter 7: Establishing Basic Connectivity among all the devices in a given network. Together the hostname and domain name identify the router in the network.
Root Password
The root user has complete privileges to configure the Services Router, and manage files in the router's file system. Initially, the root password is not defined on the router. To ensure basic security, you must define the root password during initial configuration. If a root password is not defined, you cannot commit configuration settings to take effect on the router.
If you use a plain-text password, the router displays the password as an encrypted string so that users viewing the configuration cannot easily see the password.
The root password must meet the following conditions:
■
The password must be at least 6 characters long.
■
■
You can include most character classes in a password (alphabetic, numeric, and special characters), except control characters.
Valid passwords must contain at least one change of case or character class.
For Common Criteria environments only, the password must be between 10 and
20 characters long and must include at least three of the five character classes
(uppercase letters, lowercase letters, punctuation marks, numbers, and other special characters). Control characters are not recommended. For more information, see the Secure Configuration Guide for Common Criteria and JUNOS-FIPS.
Time Zone and System Time
You define the time zone for the location where you plan to operate the Services
Router by using a designation that consists of the following information for the location:
■
Name of the continent or ocean—For example,
America
or
Atlantic
■
Name of the major city or other geographic feature in the time zone—For example,
Detroit
or
Azores
A Network Time Protocol (NTP) server provides accurate time across a network. The router synchronizes the system time with the NTP server, and periodically accesses the NTP server to maintain the correct time.
The time zone and system time must be accurate so that the router schedules events and operations as expected.
For Common Criteria compliance, you must configure NTP to provide accurate timestamps for system log messages. For more information, see the Secure
Configuration Guide for Common Criteria and JUNOS-FIPS.
Basic Connectivity Overview
■ 131
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
Network Settings
A Domain Name System (DNS) server on the network maintains a database for resolving hostnames and IP addresses. Network devices can query the DNS server by hostnames rather than IP addresses. The router accesses the DNS servers that are added to the configuration to resolve hostnames in the order in which you list them.
If you plan to include your router in several domains, you can add these domains to the configuration so that they are included in a DNS search. When DNS searches are requested, the domain suffixes are appended to the hostnames.
Default Gateway
A default gateway is a static route that is used to direct packets addressed to networks not explicitly listed in the routing table. If a packet arrives at the Services Router with an address that the router does not have routing information for, the router sends the packet to the default gateway. The default gateway entry is always present in the routing and forwarding tables.
Backup Router
You can specify a backup router to take over when the routing protocol process of the Services Router is not running, usually when the Services Router is booting, or if its routing protocol process has failed. Packets arriving at a Services Router in this situation are routed to the backup router. When the routing protocol process starts up again, the address of the backup router is removed from the routing and forwarding tables of the Services Router. The backup router must be located on the same subnet.
NOTE: To configure a backup router, you must use the CLI or J-Web configuration editor. You cannot configure a backup router with J-Web Quick Configuration.
Loopback Address
The loopback address is the IP address of the Services Router. The loopback address ensures that the router provides an IP address to management applications. Because it must always be available to hosts attempting to route packets to the router, the loopback address resides on an interface that is always active, known as the loopback interface ( lo0.0
). Setting a loopback address ensures that the router can receive packets addressed to the loopback address as long as the router is reachable though any entry (ingress) interface. In addition, applications such as NTP, RADIUS, and
TACACS+ can use the loopback address as the source address for outgoing packets.
If you use the J-Web Set Up Quick Configuration page, you can either set a loopback address of your choice or have the loopback address automatically set to
127.0.0.1
when you click Apply or OK to commit the configuration.
132 ■
Basic Connectivity Overview
Chapter 7: Establishing Basic Connectivity
Built-In Ethernet Interface Address
The built-in Gigabit Ethernet interfaces, ge-0/0/0 through ge-0/0/3 , on the front panel of the Services Router, are the interfaces through which you perform initial router setup. The examples in this guide use the ge-0/0/0 interface as the management interface, but you can use any built-in Ethernet port for management.
After the initial configuration is complete, you can attach the built-in Ethernet port that you are using for management purposes to the management network.
Before initial configuration, when the factory default configuration is active, the router attempts to perform autoinstallation by obtaining a router configuration through all its connected interfaces, including ge-0/0/0
. The Services Router acts as a DHCP client out the built-in Ethernet interfaces.
If the Services Router does not find a DHCP server within a few seconds, it sets the address of ge-0/0/0 to 192.168.1.1/24 and becomes a DHCP server out the ge-0/0/0 interface.
NOTE: If the ge-0/0/1 interface is being used, it is set to 192.168.2.1/24 .
With the router temporarily acting as a DHCP server, you can manually configure it with the J-Web interface. Any DHCP client host, for example, a PC or laptop computer, directly connected to ge-0/0/0 receives an address on the 192.168.1.1/24 network.
NOTE: The DHCP functionality for initial setup is different from the configurable
DHCP server functionality of the Services Router during operation. To configure the
Services Router as a DHCP server, see the J-series Services Router Administration
Guide.
Once you connect your laptop or PC to ge-0/0/0 , you can use a Web browser to visit the address
192.168.1.1/24
, access the J-Web Set Up Quick Configuration page, and complete the initial configuration of the router.
After you perform the initial configuration and commit it by clicking Apply or OK on the Set Up page, the configured router can no longer act as a DHCP server.
Therefore, in order to continue using it as a management interface you should configure the IP address of the interface as part of the initial configuration.
Management Access
Telnet allows you to connect to the Services Router and access the CLI to execute commands from a remote system. Telnet connections are not encrypted and therefore can be intercepted.
Telnet access to the root user is prohibited. You must use more secure methods, such as SSH, to log in as root
.
If you are using a JUNOScript server to configure and monitor routers, you can activate clear-text access on the router to allow unencrypted text to be sent directly over a
Basic Connectivity Overview
■ 133
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
TCP connection without using any additional protocol (such as SSH, SSL, or Telnet).
Information sent in clear text is not encrypted and therefore can be intercepted. For more information about the JUNOScript application programming interface (API), see the JUNOScript API Guide.
If the router is operating in a Common Criteria environment, see the Secure
Configuration Guide for Common Criteria and JUNOS-FIPS.
SSH also allows you to connect to the router and access the CLI to execute commands from a remote system. However, unlike Telnet, SSH encrypts traffic so that it cannot be intercepted.
SSH can be configured so that connections are authenticated by a digital certificate.
SSH uses public-private key technology for both connection and authentication. The
SSH client software must be installed on the machine where the client application runs. If the SSH private key is encrypted (for greater security), the SSH client must be able to access the passphrase used to decrypt the key.
For information about obtaining SSH software, see http://www.ssh.com
and http://www.openssh.com
.
Before You Begin
Before you begin initial configuration, complete the following tasks:
■
■
Gather the following information:
■
Hostname for the router on the network
■
Domain that the router belongs to on the network
■
Password for the root user
■
■
■
■
■
■
■
Time zone where the router is located
IP address of an NTP server (if NTP is used to set the time on the router)
IP address of a DNS server
List of domains that can be appended to hostnames for DNS resolution
IP address of the default gateway
IP address to be used for the loopback interface
■
IP address of the built-in Ethernet interface that you will use for management purposes. The examples in this guide use the ge-0/0/0 interface.
If you are performing the initial configuration with the J-Web interface, collect the following equipment:
■
A management device, such as a laptop, with an Ethernet port
134 ■
Before You Begin
Chapter 7: Establishing Basic Connectivity
■
■
An Ethernet cable (provided)
If you are performing the initial configuration with the CLI, collect the following equipment:
■
■
A management device, such as a PC or laptop, with a serial port and an asynchronous terminal application (such as Microsoft Windows
Hyperterminal)
An RJ-45 to DB-9 serial port adapter (provided)
■
■
■
An Ethernet cable (provided)
For a remote connection, two dial-up modems
For a remote modem connection, a DB-9 female to DB-25 male adapter, or other adapter appropriate for your modem (not provided)
Connecting to a Services Router
You can connect to the Services Router using the J-Web or CLI interface.
This section contains the following topics:
■
Connecting to the J-Web Interface on page 135
■
Connecting to the CLI Locally on page 137
■
Connecting to the CLI Remotely on page 139
Connecting to the J-Web Interface
If you plan to use the J-Web interface to configure the Services Router, you must connect through one of the built-in Ethernet management ports, as shown in
Figure 64 on page 136 and Figure 65 on page 137.
When the Services Router is powered on for the first time, the system looks for a
DHCP server, and if it does not find one, it assigns an IP address within the
192.168.1.0/24 subnetwork to any devices connected to it.
To connect to the J-Web interface through port 0 on the router (see Figure 64 on page
136 and Figure 65 on page 137):
1.
On the management device, such as a PC or laptop, you use to access the J-Web interface, verify that the address of the port that you connect to the router is set to one of the following:
■
An Ethernet address on the
192.168.1/24
subnetwork other than
192.168.1.1
■
An Ethernet address from a DHCP server
2.
3.
Turn off the power to the management device.
Plug one end of the Ethernet cable into the Ethernet port on the management device.
Connecting to a Services Router
■ 135
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
5.
6.
7.
4.
8.
9.
Connect the other end of the Ethernet cable to the built-in Ethernet port on the router.
Power on the router by pressing the power button on the front panel.
Wait until the
STATUS
LED on the front panel turns solid green.
Turn on the power to the management device. The router assigns an IP address to the management device within the 192.168.1.0/24 subnetwork if the device is configured to use DHCP.
From the management device, open a Web browser and enter the IP address
192.168.1.1
in the address field. The Set Up Quick Configuration page appears.
NOTE: You must manually configure the IP address for the management port you are using before you save your initial configuration. When you save the configuration for the first time, you will lose the connection to the router if you have not manually configured the IP address. If you lose connection through the management interface, you must connect through the console port.
Figure 64: Connecting to the Gigabit Ethernet Port on J2320 and J2350 Routers
136 ■
Connecting to a Services Router
Chapter 7: Establishing Basic Connectivity
Figure 65: Connecting to the Gigabit Ethernet Port on J4350 and J6350 Routers
Connecting to the CLI Locally
If you plan to use the CLI to configure the router, you must connect through the
console port, as shown in Figure 66 on page 138 and Figure 67 on page 139.
NOTE: Figure 66 on page 138 and Figure 67 on page 139 show a connection to a local
management device. A remote connection to the router through a modem requires the cable and connector shown (provided in the router’s accessory box), plus a DB-9 female to DB-25 male (or similar) adapter for your modem, which you must purchase separately.
6.
7.
To connect to the CLI using a local management device through the console port on the router:
1.
Turn off power to the router.
2.
3.
Turn off the power to the management device, such as a PC or laptop computer, that you are using to access the CLI.
Plug one end of the Ethernet cable supplied with your router into the RJ-45 to
DB-9 serial port adapter supplied with your router (see Figure 66 on page 138
4.
5.
Plug the RJ-45 to DB-9 serial port adapter into the serial port on the management
device (see Figure 66 on page 138 and Figure 67 on page 139).
Connect the other end of the Ethernet cable to the console port on the router
(Figure 66 on page 138 and Figure 67 on page 139).
Turn on the power to the management device.
Start your asynchronous terminal emulation application (such as Microsoft
Windows Hyperterminal) and select the appropriate COM port to use (for example,
COM1
).
Connecting to a Services Router
■ 137
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
8.
Configure the port settings as follows:
■
Bits per second: 9600
■
Data bits: 8
■
■
Parity: None
Stop bits: 1
9.
■
Flow control: None
Power on the router by pressing the power button on the front panel. Verify that the
POWER
LED on the front panel turns green.
The terminal emulation screen on your management device displays the boot sequence. When the router has finished booting, a login prompt appears.
10.
Log in as the user “root”. No password is required at initial connection, but you must assign a root password before committing any configuration settings.
Figure 66: Connecting to the Console Port on J2320 and J2350 Routers
138 ■
Connecting to a Services Router
Chapter 7: Establishing Basic Connectivity
Figure 67: Connecting to the Console Port on J4350 and J6350 Routers
Connecting to the CLI Remotely
You can connect to the CLI from a remote location through two dial-up modems: a modem that is connected to the console port on the Services Router and a second modem connected to a remote management device. The modem connection allows you to remotely perform the same console operations you can perform locally.
This section contains the following topics:
■
Configuring the Modem at the Router End on page 139
■
■
Connecting the Modem to the Console Port on page 140
Connecting to the CLI at the User End on page 141
Configuring the Modem at the Router End
NOTE: These instructions use Hayes-compatible modem commands to configure the modem. If your modem is not Hayes-compatible, refer to the documentation for your modem and enter equivalent modem commands.
Before you can connect a dial-up modem to the console port on the Services Router, you must configure the modem to accept a call on the first ring and accept Data
Terminal Ready (DTR) signals. You must also disable flow control on the modem.
To configure the modem on the router end:
1.
Connect the modem to a PC or laptop computer.
2.
Power on the modem.
Connecting to a Services Router
■ 139
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
3.
4.
From the PC or laptop computer, start your asynchronous terminal emulation application (such as Microsoft Windows Hyperterminal) and select the COM port to which the modem is connected (for example,
COM1
).
Configure the port settings as follows:
■
Bits per second: 9600
■
Data bits: 8
■
■
■
Parity: None
Stop bits: 1
Flow control: None
5.
In the HyperTerminal window, enter
AT
.
8.
9.
6.
7.
An OK response verifies that the modem communicates successfully with the
COM port on the PC or laptop.
To configure the modem to answer a call on the first ring, enter ATS0=1 .
To configure the modem to accept modem control Data Terminal Ready (DTR) signals, enter AT&D1 .
To disable flow control, enter
AT&K0
.
To save modem settings, enter
AT&W
.
Connecting the Modem to the Console Port
NOTE: Most modems have an RS-232 DB-25 connector. You must separately purchase an adapter to connect your modem to the RJ-45 to DB-9 adapter and Ethernet cable supplied with the router.
8.
9.
6.
7.
1.
2.
3.
To connect the dial-up modem to the console port on the router:
4.
5.
Turn off power to the router.
Turn off the power to the modem.
Plug one end of the Ethernet cable supplied with your router into the console port on the router.
Plug the other end of the Ethernet cable into the RJ-45 to DB-9 serial port adapter supplied with your router.
Connect the serial port adapter to a separately purchased DB-9 female to DB-25 male adapter, or other adapter appropriate for your modem.
Plug the modem adapter into the DB-25 connector on the modem.
Connect the modem to your telephone network.
Turn on the power to the modem.
Power on the router by pressing the power button on the front panel. Verify that the POWER LED on the front panel turns green.
140 ■
Connecting to a Services Router
Chapter 7: Establishing Basic Connectivity
Connecting to the CLI at the User End
To remotely connect to the CLI through a dial-up modem connected to the console port on the router:
1.
2.
At your remote location, connect a modem to a management device such as a
PC or laptop computer.
On the PC or laptop computer, start your asynchronous terminal emulation application (such as Microsoft Windows Hyperterminal).
3.
4.
Select the COM port to which the modem is connected (for example, COM1 ).
Configure the port settings as follows:
■
Bits per second: 9600
■
Data bits: 8
■
Parity: None
■
■
Stop bits: 1
Flow control: None
5.
In the HyperTerminal window, enter AT .
6.
An
OK
response verifies that the modem communicates successfully with the
COM port on the PC or laptop.
To dial the modem that is connected to the console port on the router, enter
ATDT remote-modem-number
. For example, if the number of the modem connected to the console port on the router is
0013033033030
, enter
ATDT 0013033033030
.
7.
The router login prompt appears.
Log in as the user root . No password is required at initial connection, but you must assign a root password before committing any configuration settings.
Configuring Basic Settings with J-Web Quick Configuration
J-Web Quick Configuration allows you to configure basic settings. Figure 68 on page
142 shows the Quick Configuration page for basic setup.
Configuring Basic Settings with J-Web Quick Configuration
■ 141
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
Figure 68: Set Up Quick Configuration Page
Before you configure the router, gather the information described in “Before You
To configure basic settings with J-Web Quick Configuration:
1.
If you have not already done so, connect a management device to the ge-0/0/0
interface on port 0/0. For instructions, see “Connecting to the J-Web
2.
3.
4.
If the Set Up Quick Configuration page is not displayed, select
Configuration>Quick Configuration >Set Up.
Enter information into the Set Up Quick Configuration page, as described in
Click one of the following buttons:
■
To apply the configuration and stay in the Set Up Quick Configuration page, click Apply.
■
To apply the configuration and return to the Quick Configuration page, click
OK.
142 ■
Configuring Basic Settings with J-Web Quick Configuration
Chapter 7: Establishing Basic Connectivity
■
To cancel your entries and return to the Quick Configuration page, click
Cancel.
NOTE: After initial configuration is complete, the Services Router stops functioning as a DHCP server. If you change the IP address of ge-0/0/0
and have the management device configured to use DHCP, you lose your DHCP lease and your connection to the router through the J-Web interface. To reestablish a connection, either set the IP address on the management device manually, or connect ge-0/0/0 to the management network and access the router another way—for example, through the console port.
5.
To check the configuration, see Displaying Basic Connectivity
Table 55: Set Up Quick Configuration Summary
Field Function
Identification
Host Name (required) Defines the hostname of the router.
Domain Name
Root Password
(required)
Defines the network or subnetwork that the machine belongs to.
Sets the root password that user “root” can use to log in to the router.
Your Action
Type the hostname.
Type the domain name.
Type a plain-text password that the system encrypts.
NOTE: After a root password has been defined, it is required when you log in to the J-Web user interface or the CLI.
Verify Root Password
(required)
Verifies the root password has been typed correctly.
Time
Time Zone
NTP Servers
Identifies the time zone that the router is located in.
Specify an NTP server that the router can reach to synchronize the system time.
Retype the password.
From the list, select the appropriate time zone.
To add an IP address, type it in the box to the left of the Add button, then click Add.
To delete an IP address, click on it in the box above the Add button, then click Delete.
Configuring Basic Settings with J-Web Quick Configuration
■ 143
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
Table 55: Set Up Quick Configuration Summary (continued)
Field Function
Current System Time Synchronizes the system time with the NTP server, or manually set the system time and date.
Your Action
■
To immediately set the time using the NTP server, click Set Time via NTP. The router sends a request to the NTP server and synchronizes the system time.
NOTE: If you are configuring other settings on this page, the router also synchronizes the system time using the NTP server when you click Apply or OK.
■
To set the time manually, click Set Time
Manually. A pop-up window allows you to select the current date and time from lists.
Network
DNS Name Servers
Domain Search
Default Gateway
Loopback Address ge-0/0/0 Address
Specify a DNS server that the router can use to resolve hostnames into addresses.
To add an IP address, type it in the box to the left of the Add button, then click Add.
Adds each domain name that the router is included in to the configuration so that they are included in a DNS search.
To delete an IP address, click on it in the box above the Add button, then click Delete.
To add a domain name, type it in the box to the left of the Add button, then click Add.
To delete a domain name, click on it in the box above the Add button, then click Delete.
Defines a default gateway through which to direct packets addressed to networks not explicitly listed in the routing table.
Defines a reserved IP address that is always available on the router. If no address is entered, this address is set to 127.0.0.1/32.
Type a 32-bit IP address, in dotted decimal notation.
Type a 32-bit IP address and prefix length, in dotted decimal notation.
Defines the IP address and prefix length of ge-0/0/0 . The interface ge-0/0/0 is typically used as the management interface for accessing the router. The DHCP client sets this address to 192.168.1.1/24 if no DHCP server is found.
Type a 32-bit IP address and prefix length, in dotted decimal notation.
NOTE: You must enter the ge-0/0/0 address on the
Quick Configuration Set Up page before you click
Apply or OK. If you do not manually configure this address, you will lose your connection to the J-Web interface when you click Apply or OK.
Management Access
Allow Telnet Access Allows remote access to the router using
Telnet.
Allow JUNOScript over Clear-Text
Access
Allows JUNOScript to access the router using a protocol for sending unencrypted text over a TCP connection.
To enable Telnet access, select the check box.
To enable JUNOScript access over clear text, select the check box.
Allow SSH Access Allows remote access to the router using SSH.
To enable SSH access, select the check box.
144 ■
Configuring Basic Settings with J-Web Quick Configuration
Chapter 7: Establishing Basic Connectivity
Configuring Basic Settings with a Configuration Editor
To establish basic connectivity on a Services Router, you identify the router, connect the router to the network, and specify basic network settings.
In a typical network, the Services Router has the basic settings listed in
Table 56 on page 145. Determine the values to set on the Services Router in your
network.
Table 56: Sample Settings on a Services Router
Services Router Property
Services Router hostname
Sample Value routera
Access for user “root” SSH RSA public key
IP address of the NTP server used to synchronize system time on the Services Router
10.148.2.21
Services Router location Sunnyvale, California, USA, which is in the
America/Los_Angeles
time zone
IP address of the DNS server to which DNS requests are sent
Domains to which the Services Router belongs
10.148.2.32
lab.router.net
and router.net
IP address of a backup router to use while the Services Router is booting or if the routing protocol processes fail to start
192.168.2.12/24
Loopback IP address and prefix length for the Services Router lo0
interface
172.16.1.24/32
IP address and prefix length for the Services Router ge-0/0/0 interface
192.168.1.1/24
You can configure basic settings in the J-Web interface from a device attached to the ge-0/0/0
interface on port 0. For instructions, see “Connecting to the J-Web
Interface” on page 135. You can also connect to the CLI to configure basic settings.
To use a configuration editor to configure basic settings:
1.
Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
2.
To configure basic settings, perform the configuration tasks described in
Configuring Basic Settings with a Configuration Editor
■ 145
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
3.
4.
If you are using the J-Web interface, click Commit to view a summary of your changes, then click OK to commit the configuration. If you are using the CLI, commit the configuration by entering the commit command.
To check the configuration, see Displaying Basic Connectivity
Table 57: Configuring Basic Settings
Task
Navigate to the System level in the configuration hierarchy.
Define the hostname of the router.
J-Web Configuration Editor
1.
In the J-Web interface, select Configuration>View
and Edit> Edit Configuration.
2.
Next to System, click Configure or Edit.
CLI Configuration Editor
From the [edit] hierarchy level, enter edit system
In the Host name box, type the hostname of the router—for example, routera.
Set the hostname. For example: set host-name routera
In the Domain name box, type the domain name of the router—for example, lab.router.net.
Set the domain name. For example: set domain-name lab.router.net
Name the domain in which the router is located.
Allow SSH remote access.
1.
In the Nested configuration section, next to Services, click Configure or Edit.
2.
Next to Ssh, click Configure or Edit.
3.
Click OK.
4.
Click OK a second time to return to the System level in the configuration editor hierarchy.
Set remote access for SSH: set services ssh
Define root authentication for access to the router.
NOTE: For readability, the entire key is not shown.
1.
In the Nested configuration section, next to Root authentication, click Configure or Edit.
2.
Next to Ssh rsa, click Add New Entry.
3.
In the Authorized key box, type the RSA password—for example, ssh-rsa AAAAB3Nza...D9Y2gXF9ac== [email protected]
4.
Click OK.
5.
Click OK a second time to return to the System level in the configuration editor hierarchy.
Set the root password. For example: set root-authentication ssh-rsa
“ssh-rsa AAAAB3Nza...D9Y2gXF9ac== [email protected]”
Define the time zone the router is located in.
In the Time zone list, select the time zone for your router—for example, America/Los_Angeles.
Set the time zone. For example: set time-zone America/Los_Angeles
146 ■
Configuring Basic Settings with a Configuration Editor
Chapter 7: Establishing Basic Connectivity
Table 57: Configuring Basic Settings (continued)
Task J-Web Configuration Editor CLI Configuration Editor
Define the NTP server that
NTP requests can be sent to.
1.
In the Nested configuration section, next to Ntp, click
Configure or Edit.
2.
Next to Server, click Add New Entry.
3.
In the Address box, type the NTP server's IP address—for example, 10.148.2.21
4.
Click OK.
5.
Click OK a second time to return to the System level in the configuration editor hierarchy.
Set the address of the NTP server.
For example: set ntp server 10.148.2.21
Define the DNS server that receives DNS requests.
1.
Next to Name server, click Add New Entry.
2.
In the Address box, type the address of the DNS server—for example, 10.148.2.32.
3.
Click OK.
Set the address of the DNS server.
For example: set name-server 10.148.2.32
Add each domain that the router belongs to.
1.
Next to Domain search, click Add New Entry.
2.
In the Value box, type the name of the domain in which the router is located—for example, lab.router.net.
3.
Click OK.
4.
Next to Domain search, click Add New Entry.
5.
In the Value box, type the name of another domain that the router belongs to—for example, router.net.
6.
Click OK.
Set the domains to be searched. For example: set domain-search lab.router.net
set domain-search router.net
Define the backup router to be used when the router is booting or the routing protocol processes are not running.
In the Backup router section, next to Address, type the IP address of the backup router—for example, 192.168.2.44.
Set the address for the backup router. For example: set backup router address
192.168.2.44
Define the IP address for lo0.0
.
1.
In the configuration editor hierarchy, next to
Interfaces, click Configure or Edit.
2.
In the Interface table, locate the lo0 row and click Unit.
3.
In the Unit table, click 0, and in the Family section next to Inet, click Configure or Edit.
4.
To delete the existing IP address, click the Discard button. Select the Delete Configuration Below This
Point option button from the next display.
5.
Next to Address, click Add new entry.
6.
In the Source box, type the address and prefix length for the loopback interface—for example,
172.16.1.24/32 .
7.
Click OK.
1.
From the [edit] hierarchy level, enter edit interfaces
2.
Delete the existing IP address: delete lo0 unit 0 family inet address
3.
Set the IP address and prefix length of lo0.0. For example: set lo0 unit 0 family inet address 172.16.1.24/32
Configuring Basic Settings with a Configuration Editor
■ 147
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
Table 57: Configuring Basic Settings (continued)
Task
Define the IP address for ge-0/0/0
.
J-Web Configuration Editor CLI Configuration Editor
1.
In the configuration editor hierarchy, next to
Interfaces, click Configure or Edit.
2.
In the Interface table, locate the ge-0/0/0 row and click Unit.
3.
In the Unit table, click 0, and in the Family section next to Inet, click Configure or Edit.
4.
To delete the existing IP address, click the Discard button. Select the Delete Configuration Below This
Point option button from the next display.
5.
Next to Address, click Add new entry.
6.
In the Source box, type the address and prefix length for the management interface—for example,
192.168.1.1/24 .
7.
Click OK.
1.
Delete the existing IP address: delete ge-0/0/0 unit 0 family inet address
.
2.
Set the IP address and prefix length of ge-0/0/0. For example: set ge-0/0/0 unit 0 family inet address 192.168.1.1/24
Verifying Basic Connectivity
To verify that the Services Router has the settings you configured, perform the following task.
148 ■
Verifying Basic Connectivity
Chapter 7: Establishing Basic Connectivity
Displaying Basic Connectivity Configurations
Purpose
Verify the configuration of basic connectivity. Because the basic connectivity settings appear in different places in the configuration hierarchy, displaying the entire configuration at once makes viewing the settings easier.
Action
From the J-Web interface, select
Configuration>View and Edit>View Configuration Text. Alternatively, from configuration mode in the CLI, enter the show
command. The following sample output
displays the sample values configured in Table 57 on page 146. Your output displays
the values you set.
What It Means
} system { host-name routera; domain-name lab.router.net;
} domain-search [ lab.router.net router.net ]; backup-router 192.168.2.44; time-zone America/Los_Angeles; root-authentication { ssh-rsa "ssh-rsa [email protected]"; name-server {
10.148.2.32;
} services {
}
} ntp { server 10.148.2.21;
} interfaces { ge-0/0/0 { unit 0 {
}
} lo0 {
} family inet { address 192.168.1.1/24;
} unit 0 { family inet { address 172.16.1.24/32;
}
}
The output shows the configuration of basic connectivity. Verify that the values displayed are correct for your Services Router.
See Also
For more information about the format of a configuration file, see the J-series Services
Router Basic LAN and WAN Access Configuration Guide.
Displaying Basic Connectivity Configurations
■ 149
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
150 ■
Displaying Basic Connectivity Configurations
advertisement
Related manuals
advertisement