Establishing Basic Connectivity. Juniper Networks J2320, J2350, J4350, J6350
Add to My manuals330 Pages
advertisement
![Establishing Basic Connectivity. Juniper Networks J2320, J2350, J4350, J6350 | Manualzz Establishing Basic Connectivity. Juniper Networks J2320, J2350, J4350, J6350 | Manualzz](http://s1.manualzz.com/store/data/002061636_1-8dbd967da37bc0ad75fe904e16fe02e5-360x466.png)
Chapter 7
Establishing Basic Connectivity
The JUNOS software is preinstalled on the Services Router. When the router is powered on, it is ready to be configured. If the router does not have a configuration from the factory or your service provider, you must configure the software to establish basic connectivity.
If you are setting up a Services Router for the first time, you can use either J-Web
Quick Configuration or a configuration editor to configure basic connectivity. For a brief explanation of J-Web Quick Configuration and the J-Web and CLI configuration
editors, see “Services Router User Interface Overview” on page 79.
If you are setting up many Services Routers, autoinstallation can help automate the configuration process. For more information about autoinstallation, see the J-series
Services Router Administration Guide.
This chapter contains the following topics. For more information about basic connectivity, see the JUNOS System Basics Configuration Guide.
■
■
■
Basic Connectivity Terms on page 129
Basic Connectivity Overview on page 130
■
■
■
■
Connecting to a Services Router on page 135
Configuring Basic Settings with J-Web Quick Configuration on page 141
Configuring Basic Settings with a Configuration Editor on page 145
Verifying Basic Connectivity on page 148
Basic Connectivity Terms
Before configuring basic connectivity, become familiar with the terms defined in
Table 54: Basic Connectivity Terms
Term
domain name
Definition
Name that identifies the network or subnetwork of a router.
Basic Connectivity Terms
■ 129
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
Table 54: Basic Connectivity Terms (continued)
Term
Dynamic Host Configuration Protocol (DHCP) gateway hostname loopback address
Network Time Protocol (NTP) root user secure shell (SSH)
Telnet
Definition
Protocol for assigning dynamic IP addresses to devices on a network.
Packets destined for IP addresses not identified in the routing table are sent to the default gateway.
Unique name that identifies a router on the network.
IP address of a Services Router on logical interface lo0.0 that is always active and available to external hosts and as the source address for outgoing packets.
Protocol that provides a reliable way of synchronizing the system time of a router.
A superuser or system administrator who can perform any task in the file system.
Protocol that provides a secured method of logging in to a remote network system.
Software that allows a computer to act as a remote terminal on a network system.
Basic Connectivity Overview
To connect your Services Router to the network and establish basic connectivity, you enter information about your network. This overview contains the following topics:
■
■
Router Identification on page 130
■
■
■
■
■
■
■
Time Zone and System Time on page 131
Built-In Ethernet Interface Address on page 133
Router Identification
The domain name defines the network or subnetwork that the Services Router belongs to. The hostname refers to the specific machine, while the domain name is shared
130 ■
Basic Connectivity Overview
Chapter 7: Establishing Basic Connectivity among all the devices in a given network. Together the hostname and domain name identify the router in the network.
Root Password
The root user has complete privileges to configure the Services Router, and manage files in the router's file system. Initially, the root password is not defined on the router. To ensure basic security, you must define the root password during initial configuration. If a root password is not defined, you cannot commit configuration settings to take effect on the router.
If you use a plain-text password, the router displays the password as an encrypted string so that users viewing the configuration cannot easily see the password.
The root password must meet the following conditions:
■
The password must be at least 6 characters long.
■
■
You can include most character classes in a password (alphabetic, numeric, and special characters), except control characters.
Valid passwords must contain at least one change of case or character class.
For Common Criteria environments only, the password must be between 10 and
20 characters long and must include at least three of the five character classes
(uppercase letters, lowercase letters, punctuation marks, numbers, and other special characters). Control characters are not recommended. For more information, see the Secure Configuration Guide for Common Criteria and JUNOS-FIPS.
Time Zone and System Time
You define the time zone for the location where you plan to operate the Services
Router by using a designation that consists of the following information for the location:
■
Name of the continent or ocean—For example,
America
or
Atlantic
■
Name of the major city or other geographic feature in the time zone—For example,
Detroit
or
Azores
A Network Time Protocol (NTP) server provides accurate time across a network. The router synchronizes the system time with the NTP server, and periodically accesses the NTP server to maintain the correct time.
The time zone and system time must be accurate so that the router schedules events and operations as expected.
For Common Criteria compliance, you must configure NTP to provide accurate timestamps for system log messages. For more information, see the Secure
Configuration Guide for Common Criteria and JUNOS-FIPS.
Basic Connectivity Overview
■ 131
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
Network Settings
A Domain Name System (DNS) server on the network maintains a database for resolving hostnames and IP addresses. Network devices can query the DNS server by hostnames rather than IP addresses. The router accesses the DNS servers that are added to the configuration to resolve hostnames in the order in which you list them.
If you plan to include your router in several domains, you can add these domains to the configuration so that they are included in a DNS search. When DNS searches are requested, the domain suffixes are appended to the hostnames.
Default Gateway
A default gateway is a static route that is used to direct packets addressed to networks not explicitly listed in the routing table. If a packet arrives at the Services Router with an address that the router does not have routing information for, the router sends the packet to the default gateway. The default gateway entry is always present in the routing and forwarding tables.
Backup Router
You can specify a backup router to take over when the routing protocol process of the Services Router is not running, usually when the Services Router is booting, or if its routing protocol process has failed. Packets arriving at a Services Router in this situation are routed to the backup router. When the routing protocol process starts up again, the address of the backup router is removed from the routing and forwarding tables of the Services Router. The backup router must be located on the same subnet.
NOTE: To configure a backup router, you must use the CLI or J-Web configuration editor. You cannot configure a backup router with J-Web Quick Configuration.
Loopback Address
The loopback address is the IP address of the Services Router. The loopback address ensures that the router provides an IP address to management applications. Because it must always be available to hosts attempting to route packets to the router, the loopback address resides on an interface that is always active, known as the loopback interface ( lo0.0
). Setting a loopback address ensures that the router can receive packets addressed to the loopback address as long as the router is reachable though any entry (ingress) interface. In addition, applications such as NTP, RADIUS, and
TACACS+ can use the loopback address as the source address for outgoing packets.
If you use the J-Web Set Up Quick Configuration page, you can either set a loopback address of your choice or have the loopback address automatically set to
127.0.0.1
when you click Apply or OK to commit the configuration.
132 ■
Basic Connectivity Overview
Chapter 7: Establishing Basic Connectivity
Built-In Ethernet Interface Address
The built-in Gigabit Ethernet interfaces, ge-0/0/0 through ge-0/0/3 , on the front panel of the Services Router, are the interfaces through which you perform initial router setup. The examples in this guide use the ge-0/0/0 interface as the management interface, but you can use any built-in Ethernet port for management.
After the initial configuration is complete, you can attach the built-in Ethernet port that you are using for management purposes to the management network.
Before initial configuration, when the factory default configuration is active, the router attempts to perform autoinstallation by obtaining a router configuration through all its connected interfaces, including ge-0/0/0
. The Services Router acts as a DHCP client out the built-in Ethernet interfaces.
If the Services Router does not find a DHCP server within a few seconds, it sets the address of ge-0/0/0 to 192.168.1.1/24 and becomes a DHCP server out the ge-0/0/0 interface.
NOTE: If the ge-0/0/1 interface is being used, it is set to 192.168.2.1/24 .
With the router temporarily acting as a DHCP server, you can manually configure it with the J-Web interface. Any DHCP client host, for example, a PC or laptop computer, directly connected to ge-0/0/0 receives an address on the 192.168.1.1/24 network.
NOTE: The DHCP functionality for initial setup is different from the configurable
DHCP server functionality of the Services Router during operation. To configure the
Services Router as a DHCP server, see the J-series Services Router Administration
Guide.
Once you connect your laptop or PC to ge-0/0/0 , you can use a Web browser to visit the address
192.168.1.1/24
, access the J-Web Set Up Quick Configuration page, and complete the initial configuration of the router.
After you perform the initial configuration and commit it by clicking Apply or OK on the Set Up page, the configured router can no longer act as a DHCP server.
Therefore, in order to continue using it as a management interface you should configure the IP address of the interface as part of the initial configuration.
Management Access
Telnet allows you to connect to the Services Router and access the CLI to execute commands from a remote system. Telnet connections are not encrypted and therefore can be intercepted.
Telnet access to the root user is prohibited. You must use more secure methods, such as SSH, to log in as root
.
If you are using a JUNOScript server to configure and monitor routers, you can activate clear-text access on the router to allow unencrypted text to be sent directly over a
Basic Connectivity Overview
■ 133
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
TCP connection without using any additional protocol (such as SSH, SSL, or Telnet).
Information sent in clear text is not encrypted and therefore can be intercepted. For more information about the JUNOScript application programming interface (API), see the JUNOScript API Guide.
If the router is operating in a Common Criteria environment, see the Secure
Configuration Guide for Common Criteria and JUNOS-FIPS.
SSH also allows you to connect to the router and access the CLI to execute commands from a remote system. However, unlike Telnet, SSH encrypts traffic so that it cannot be intercepted.
SSH can be configured so that connections are authenticated by a digital certificate.
SSH uses public-private key technology for both connection and authentication. The
SSH client software must be installed on the machine where the client application runs. If the SSH private key is encrypted (for greater security), the SSH client must be able to access the passphrase used to decrypt the key.
For information about obtaining SSH software, see http://www.ssh.com
and http://www.openssh.com
.
Before You Begin
Before you begin initial configuration, complete the following tasks:
■
■
Gather the following information:
■
Hostname for the router on the network
■
Domain that the router belongs to on the network
■
Password for the root user
■
■
■
■
■
■
■
Time zone where the router is located
IP address of an NTP server (if NTP is used to set the time on the router)
IP address of a DNS server
List of domains that can be appended to hostnames for DNS resolution
IP address of the default gateway
IP address to be used for the loopback interface
■
IP address of the built-in Ethernet interface that you will use for management purposes. The examples in this guide use the ge-0/0/0 interface.
If you are performing the initial configuration with the J-Web interface, collect the following equipment:
■
A management device, such as a laptop, with an Ethernet port
134 ■
Before You Begin
Chapter 7: Establishing Basic Connectivity
■
■
An Ethernet cable (provided)
If you are performing the initial configuration with the CLI, collect the following equipment:
■
■
A management device, such as a PC or laptop, with a serial port and an asynchronous terminal application (such as Microsoft Windows
Hyperterminal)
An RJ-45 to DB-9 serial port adapter (provided)
■
■
■
An Ethernet cable (provided)
For a remote connection, two dial-up modems
For a remote modem connection, a DB-9 female to DB-25 male adapter, or other adapter appropriate for your modem (not provided)
Connecting to a Services Router
You can connect to the Services Router using the J-Web or CLI interface.
This section contains the following topics:
■
Connecting to the J-Web Interface on page 135
■
Connecting to the CLI Locally on page 137
■
Connecting to the CLI Remotely on page 139
Connecting to the J-Web Interface
If you plan to use the J-Web interface to configure the Services Router, you must connect through one of the built-in Ethernet management ports, as shown in
Figure 64 on page 136 and Figure 65 on page 137.
When the Services Router is powered on for the first time, the system looks for a
DHCP server, and if it does not find one, it assigns an IP address within the
192.168.1.0/24 subnetwork to any devices connected to it.
To connect to the J-Web interface through port 0 on the router (see Figure 64 on page
136 and Figure 65 on page 137):
1.
On the management device, such as a PC or laptop, you use to access the J-Web interface, verify that the address of the port that you connect to the router is set to one of the following:
■
An Ethernet address on the
192.168.1/24
subnetwork other than
192.168.1.1
■
An Ethernet address from a DHCP server
2.
3.
Turn off the power to the management device.
Plug one end of the Ethernet cable into the Ethernet port on the management device.
Connecting to a Services Router
■ 135
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
5.
6.
7.
4.
8.
9.
Connect the other end of the Ethernet cable to the built-in Ethernet port on the router.
Power on the router by pressing the power button on the front panel.
Wait until the
STATUS
LED on the front panel turns solid green.
Turn on the power to the management device. The router assigns an IP address to the management device within the 192.168.1.0/24 subnetwork if the device is configured to use DHCP.
From the management device, open a Web browser and enter the IP address
192.168.1.1
in the address field. The Set Up Quick Configuration page appears.
NOTE: You must manually configure the IP address for the management port you are using before you save your initial configuration. When you save the configuration for the first time, you will lose the connection to the router if you have not manually configured the IP address. If you lose connection through the management interface, you must connect through the console port.
Figure 64: Connecting to the Gigabit Ethernet Port on J2320 and J2350 Routers
136 ■
Connecting to a Services Router
Chapter 7: Establishing Basic Connectivity
Figure 65: Connecting to the Gigabit Ethernet Port on J4350 and J6350 Routers
Connecting to the CLI Locally
If you plan to use the CLI to configure the router, you must connect through the
console port, as shown in Figure 66 on page 138 and Figure 67 on page 139.
NOTE: Figure 66 on page 138 and Figure 67 on page 139 show a connection to a local
management device. A remote connection to the router through a modem requires the cable and connector shown (provided in the router’s accessory box), plus a DB-9 female to DB-25 male (or similar) adapter for your modem, which you must purchase separately.
6.
7.
To connect to the CLI using a local management device through the console port on the router:
1.
Turn off power to the router.
2.
3.
Turn off the power to the management device, such as a PC or laptop computer, that you are using to access the CLI.
Plug one end of the Ethernet cable supplied with your router into the RJ-45 to
DB-9 serial port adapter supplied with your router (see Figure 66 on page 138
4.
5.
Plug the RJ-45 to DB-9 serial port adapter into the serial port on the management
device (see Figure 66 on page 138 and Figure 67 on page 139).
Connect the other end of the Ethernet cable to the console port on the router
(Figure 66 on page 138 and Figure 67 on page 139).
Turn on the power to the management device.
Start your asynchronous terminal emulation application (such as Microsoft
Windows Hyperterminal) and select the appropriate COM port to use (for example,
COM1
).
Connecting to a Services Router
■ 137
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
8.
Configure the port settings as follows:
■
Bits per second: 9600
■
Data bits: 8
■
■
Parity: None
Stop bits: 1
9.
■
Flow control: None
Power on the router by pressing the power button on the front panel. Verify that the
POWER
LED on the front panel turns green.
The terminal emulation screen on your management device displays the boot sequence. When the router has finished booting, a login prompt appears.
10.
Log in as the user “root”. No password is required at initial connection, but you must assign a root password before committing any configuration settings.
Figure 66: Connecting to the Console Port on J2320 and J2350 Routers
138 ■
Connecting to a Services Router
Chapter 7: Establishing Basic Connectivity
Figure 67: Connecting to the Console Port on J4350 and J6350 Routers
Connecting to the CLI Remotely
You can connect to the CLI from a remote location through two dial-up modems: a modem that is connected to the console port on the Services Router and a second modem connected to a remote management device. The modem connection allows you to remotely perform the same console operations you can perform locally.
This section contains the following topics:
■
Configuring the Modem at the Router End on page 139
■
■
Connecting the Modem to the Console Port on page 140
Connecting to the CLI at the User End on page 141
Configuring the Modem at the Router End
NOTE: These instructions use Hayes-compatible modem commands to configure the modem. If your modem is not Hayes-compatible, refer to the documentation for your modem and enter equivalent modem commands.
Before you can connect a dial-up modem to the console port on the Services Router, you must configure the modem to accept a call on the first ring and accept Data
Terminal Ready (DTR) signals. You must also disable flow control on the modem.
To configure the modem on the router end:
1.
Connect the modem to a PC or laptop computer.
2.
Power on the modem.
Connecting to a Services Router
■ 139
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
3.
4.
From the PC or laptop computer, start your asynchronous terminal emulation application (such as Microsoft Windows Hyperterminal) and select the COM port to which the modem is connected (for example,
COM1
).
Configure the port settings as follows:
■
Bits per second: 9600
■
Data bits: 8
■
■
■
Parity: None
Stop bits: 1
Flow control: None
5.
In the HyperTerminal window, enter
AT
.
8.
9.
6.
7.
An OK response verifies that the modem communicates successfully with the
COM port on the PC or laptop.
To configure the modem to answer a call on the first ring, enter ATS0=1 .
To configure the modem to accept modem control Data Terminal Ready (DTR) signals, enter AT&D1 .
To disable flow control, enter
AT&K0
.
To save modem settings, enter
AT&W
.
Connecting the Modem to the Console Port
NOTE: Most modems have an RS-232 DB-25 connector. You must separately purchase an adapter to connect your modem to the RJ-45 to DB-9 adapter and Ethernet cable supplied with the router.
8.
9.
6.
7.
1.
2.
3.
To connect the dial-up modem to the console port on the router:
4.
5.
Turn off power to the router.
Turn off the power to the modem.
Plug one end of the Ethernet cable supplied with your router into the console port on the router.
Plug the other end of the Ethernet cable into the RJ-45 to DB-9 serial port adapter supplied with your router.
Connect the serial port adapter to a separately purchased DB-9 female to DB-25 male adapter, or other adapter appropriate for your modem.
Plug the modem adapter into the DB-25 connector on the modem.
Connect the modem to your telephone network.
Turn on the power to the modem.
Power on the router by pressing the power button on the front panel. Verify that the POWER LED on the front panel turns green.
140 ■
Connecting to a Services Router
Chapter 7: Establishing Basic Connectivity
Connecting to the CLI at the User End
To remotely connect to the CLI through a dial-up modem connected to the console port on the router:
1.
2.
At your remote location, connect a modem to a management device such as a
PC or laptop computer.
On the PC or laptop computer, start your asynchronous terminal emulation application (such as Microsoft Windows Hyperterminal).
3.
4.
Select the COM port to which the modem is connected (for example, COM1 ).
Configure the port settings as follows:
■
Bits per second: 9600
■
Data bits: 8
■
Parity: None
■
■
Stop bits: 1
Flow control: None
5.
In the HyperTerminal window, enter AT .
6.
An
OK
response verifies that the modem communicates successfully with the
COM port on the PC or laptop.
To dial the modem that is connected to the console port on the router, enter
ATDT remote-modem-number
. For example, if the number of the modem connected to the console port on the router is
0013033033030
, enter
ATDT 0013033033030
.
7.
The router login prompt appears.
Log in as the user root . No password is required at initial connection, but you must assign a root password before committing any configuration settings.
Configuring Basic Settings with J-Web Quick Configuration
J-Web Quick Configuration allows you to configure basic settings. Figure 68 on page
142 shows the Quick Configuration page for basic setup.
Configuring Basic Settings with J-Web Quick Configuration
■ 141
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
Figure 68: Set Up Quick Configuration Page
Before you configure the router, gather the information described in “Before You
To configure basic settings with J-Web Quick Configuration:
1.
If you have not already done so, connect a management device to the ge-0/0/0
interface on port 0/0. For instructions, see “Connecting to the J-Web
2.
3.
4.
If the Set Up Quick Configuration page is not displayed, select
Configuration>Quick Configuration >Set Up.
Enter information into the Set Up Quick Configuration page, as described in
Click one of the following buttons:
■
To apply the configuration and stay in the Set Up Quick Configuration page, click Apply.
■
To apply the configuration and return to the Quick Configuration page, click
OK.
142 ■
Configuring Basic Settings with J-Web Quick Configuration
Chapter 7: Establishing Basic Connectivity
■
To cancel your entries and return to the Quick Configuration page, click
Cancel.
NOTE: After initial configuration is complete, the Services Router stops functioning as a DHCP server. If you change the IP address of ge-0/0/0
and have the management device configured to use DHCP, you lose your DHCP lease and your connection to the router through the J-Web interface. To reestablish a connection, either set the IP address on the management device manually, or connect ge-0/0/0 to the management network and access the router another way—for example, through the console port.
5.
To check the configuration, see Displaying Basic Connectivity
Table 55: Set Up Quick Configuration Summary
Field Function
Identification
Host Name (required) Defines the hostname of the router.
Domain Name
Root Password
(required)
Defines the network or subnetwork that the machine belongs to.
Sets the root password that user “root” can use to log in to the router.
Your Action
Type the hostname.
Type the domain name.
Type a plain-text password that the system encrypts.
NOTE: After a root password has been defined, it is required when you log in to the J-Web user interface or the CLI.
Verify Root Password
(required)
Verifies the root password has been typed correctly.
Time
Time Zone
NTP Servers
Identifies the time zone that the router is located in.
Specify an NTP server that the router can reach to synchronize the system time.
Retype the password.
From the list, select the appropriate time zone.
To add an IP address, type it in the box to the left of the Add button, then click Add.
To delete an IP address, click on it in the box above the Add button, then click Delete.
Configuring Basic Settings with J-Web Quick Configuration
■ 143
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
Table 55: Set Up Quick Configuration Summary (continued)
Field Function
Current System Time Synchronizes the system time with the NTP server, or manually set the system time and date.
Your Action
■
To immediately set the time using the NTP server, click Set Time via NTP. The router sends a request to the NTP server and synchronizes the system time.
NOTE: If you are configuring other settings on this page, the router also synchronizes the system time using the NTP server when you click Apply or OK.
■
To set the time manually, click Set Time
Manually. A pop-up window allows you to select the current date and time from lists.
Network
DNS Name Servers
Domain Search
Default Gateway
Loopback Address ge-0/0/0 Address
Specify a DNS server that the router can use to resolve hostnames into addresses.
To add an IP address, type it in the box to the left of the Add button, then click Add.
Adds each domain name that the router is included in to the configuration so that they are included in a DNS search.
To delete an IP address, click on it in the box above the Add button, then click Delete.
To add a domain name, type it in the box to the left of the Add button, then click Add.
To delete a domain name, click on it in the box above the Add button, then click Delete.
Defines a default gateway through which to direct packets addressed to networks not explicitly listed in the routing table.
Defines a reserved IP address that is always available on the router. If no address is entered, this address is set to 127.0.0.1/32.
Type a 32-bit IP address, in dotted decimal notation.
Type a 32-bit IP address and prefix length, in dotted decimal notation.
Defines the IP address and prefix length of ge-0/0/0 . The interface ge-0/0/0 is typically used as the management interface for accessing the router. The DHCP client sets this address to 192.168.1.1/24 if no DHCP server is found.
Type a 32-bit IP address and prefix length, in dotted decimal notation.
NOTE: You must enter the ge-0/0/0 address on the
Quick Configuration Set Up page before you click
Apply or OK. If you do not manually configure this address, you will lose your connection to the J-Web interface when you click Apply or OK.
Management Access
Allow Telnet Access Allows remote access to the router using
Telnet.
Allow JUNOScript over Clear-Text
Access
Allows JUNOScript to access the router using a protocol for sending unencrypted text over a TCP connection.
To enable Telnet access, select the check box.
To enable JUNOScript access over clear text, select the check box.
Allow SSH Access Allows remote access to the router using SSH.
To enable SSH access, select the check box.
144 ■
Configuring Basic Settings with J-Web Quick Configuration
Chapter 7: Establishing Basic Connectivity
Configuring Basic Settings with a Configuration Editor
To establish basic connectivity on a Services Router, you identify the router, connect the router to the network, and specify basic network settings.
In a typical network, the Services Router has the basic settings listed in
Table 56 on page 145. Determine the values to set on the Services Router in your
network.
Table 56: Sample Settings on a Services Router
Services Router Property
Services Router hostname
Sample Value routera
Access for user “root” SSH RSA public key
IP address of the NTP server used to synchronize system time on the Services Router
10.148.2.21
Services Router location Sunnyvale, California, USA, which is in the
America/Los_Angeles
time zone
IP address of the DNS server to which DNS requests are sent
Domains to which the Services Router belongs
10.148.2.32
lab.router.net
and router.net
IP address of a backup router to use while the Services Router is booting or if the routing protocol processes fail to start
192.168.2.12/24
Loopback IP address and prefix length for the Services Router lo0
interface
172.16.1.24/32
IP address and prefix length for the Services Router ge-0/0/0 interface
192.168.1.1/24
You can configure basic settings in the J-Web interface from a device attached to the ge-0/0/0
interface on port 0. For instructions, see “Connecting to the J-Web
Interface” on page 135. You can also connect to the CLI to configure basic settings.
To use a configuration editor to configure basic settings:
1.
Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
2.
To configure basic settings, perform the configuration tasks described in
Configuring Basic Settings with a Configuration Editor
■ 145
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
3.
4.
If you are using the J-Web interface, click Commit to view a summary of your changes, then click OK to commit the configuration. If you are using the CLI, commit the configuration by entering the commit command.
To check the configuration, see Displaying Basic Connectivity
Table 57: Configuring Basic Settings
Task
Navigate to the System level in the configuration hierarchy.
Define the hostname of the router.
J-Web Configuration Editor
1.
In the J-Web interface, select Configuration>View
and Edit> Edit Configuration.
2.
Next to System, click Configure or Edit.
CLI Configuration Editor
From the [edit] hierarchy level, enter edit system
In the Host name box, type the hostname of the router—for example, routera.
Set the hostname. For example: set host-name routera
In the Domain name box, type the domain name of the router—for example, lab.router.net.
Set the domain name. For example: set domain-name lab.router.net
Name the domain in which the router is located.
Allow SSH remote access.
1.
In the Nested configuration section, next to Services, click Configure or Edit.
2.
Next to Ssh, click Configure or Edit.
3.
Click OK.
4.
Click OK a second time to return to the System level in the configuration editor hierarchy.
Set remote access for SSH: set services ssh
Define root authentication for access to the router.
NOTE: For readability, the entire key is not shown.
1.
In the Nested configuration section, next to Root authentication, click Configure or Edit.
2.
Next to Ssh rsa, click Add New Entry.
3.
In the Authorized key box, type the RSA password—for example, ssh-rsa AAAAB3Nza...D9Y2gXF9ac== [email protected]
4.
Click OK.
5.
Click OK a second time to return to the System level in the configuration editor hierarchy.
Set the root password. For example: set root-authentication ssh-rsa
“ssh-rsa AAAAB3Nza...D9Y2gXF9ac== [email protected]”
Define the time zone the router is located in.
In the Time zone list, select the time zone for your router—for example, America/Los_Angeles.
Set the time zone. For example: set time-zone America/Los_Angeles
146 ■
Configuring Basic Settings with a Configuration Editor
Chapter 7: Establishing Basic Connectivity
Table 57: Configuring Basic Settings (continued)
Task J-Web Configuration Editor CLI Configuration Editor
Define the NTP server that
NTP requests can be sent to.
1.
In the Nested configuration section, next to Ntp, click
Configure or Edit.
2.
Next to Server, click Add New Entry.
3.
In the Address box, type the NTP server's IP address—for example, 10.148.2.21
4.
Click OK.
5.
Click OK a second time to return to the System level in the configuration editor hierarchy.
Set the address of the NTP server.
For example: set ntp server 10.148.2.21
Define the DNS server that receives DNS requests.
1.
Next to Name server, click Add New Entry.
2.
In the Address box, type the address of the DNS server—for example, 10.148.2.32.
3.
Click OK.
Set the address of the DNS server.
For example: set name-server 10.148.2.32
Add each domain that the router belongs to.
1.
Next to Domain search, click Add New Entry.
2.
In the Value box, type the name of the domain in which the router is located—for example, lab.router.net.
3.
Click OK.
4.
Next to Domain search, click Add New Entry.
5.
In the Value box, type the name of another domain that the router belongs to—for example, router.net.
6.
Click OK.
Set the domains to be searched. For example: set domain-search lab.router.net
set domain-search router.net
Define the backup router to be used when the router is booting or the routing protocol processes are not running.
In the Backup router section, next to Address, type the IP address of the backup router—for example, 192.168.2.44.
Set the address for the backup router. For example: set backup router address
192.168.2.44
Define the IP address for lo0.0
.
1.
In the configuration editor hierarchy, next to
Interfaces, click Configure or Edit.
2.
In the Interface table, locate the lo0 row and click Unit.
3.
In the Unit table, click 0, and in the Family section next to Inet, click Configure or Edit.
4.
To delete the existing IP address, click the Discard button. Select the Delete Configuration Below This
Point option button from the next display.
5.
Next to Address, click Add new entry.
6.
In the Source box, type the address and prefix length for the loopback interface—for example,
172.16.1.24/32 .
7.
Click OK.
1.
From the [edit] hierarchy level, enter edit interfaces
2.
Delete the existing IP address: delete lo0 unit 0 family inet address
3.
Set the IP address and prefix length of lo0.0. For example: set lo0 unit 0 family inet address 172.16.1.24/32
Configuring Basic Settings with a Configuration Editor
■ 147
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
Table 57: Configuring Basic Settings (continued)
Task
Define the IP address for ge-0/0/0
.
J-Web Configuration Editor CLI Configuration Editor
1.
In the configuration editor hierarchy, next to
Interfaces, click Configure or Edit.
2.
In the Interface table, locate the ge-0/0/0 row and click Unit.
3.
In the Unit table, click 0, and in the Family section next to Inet, click Configure or Edit.
4.
To delete the existing IP address, click the Discard button. Select the Delete Configuration Below This
Point option button from the next display.
5.
Next to Address, click Add new entry.
6.
In the Source box, type the address and prefix length for the management interface—for example,
192.168.1.1/24 .
7.
Click OK.
1.
Delete the existing IP address: delete ge-0/0/0 unit 0 family inet address
.
2.
Set the IP address and prefix length of ge-0/0/0. For example: set ge-0/0/0 unit 0 family inet address 192.168.1.1/24
Verifying Basic Connectivity
To verify that the Services Router has the settings you configured, perform the following task.
148 ■
Verifying Basic Connectivity
Chapter 7: Establishing Basic Connectivity
Displaying Basic Connectivity Configurations
Purpose
Verify the configuration of basic connectivity. Because the basic connectivity settings appear in different places in the configuration hierarchy, displaying the entire configuration at once makes viewing the settings easier.
Action
From the J-Web interface, select
Configuration>View and Edit>View Configuration Text. Alternatively, from configuration mode in the CLI, enter the show
command. The following sample output
displays the sample values configured in Table 57 on page 146. Your output displays
the values you set.
What It Means
} system { host-name routera; domain-name lab.router.net;
} domain-search [ lab.router.net router.net ]; backup-router 192.168.2.44; time-zone America/Los_Angeles; root-authentication { ssh-rsa "ssh-rsa [email protected]"; name-server {
10.148.2.32;
} services {
}
} ntp { server 10.148.2.21;
} interfaces { ge-0/0/0 { unit 0 {
}
} lo0 {
} family inet { address 192.168.1.1/24;
} unit 0 { family inet { address 172.16.1.24/32;
}
}
The output shows the configuration of basic connectivity. Verify that the values displayed are correct for your Services Router.
See Also
For more information about the format of a configuration file, see the J-series Services
Router Basic LAN and WAN Access Configuration Guide.
Displaying Basic Connectivity Configurations
■ 149
J2320, J2350, J4350, and J6350 Services Router Getting Started Guide
150 ■
Displaying Basic Connectivity Configurations
advertisement
Related manuals
advertisement
Table of contents
- 5 Abbreviated Table of Contents
- 7 Table of Contents
- 15 About This Guide
- 15 Objectives
- 15 Audience
- 16 How to Use This Guide
- 17 Document Conventions
- 18 Related Juniper Networks Documentation
- 21 Documentation Feedback
- 21 Requesting Support
- 23 J-series Overview
- 25 Overview of Services Routers
- 26 J2320 Services Router Overview
- 26 J2350 Services Router Overview
- 27 J4350 Services Router Overview
- 28 J6350 Services Router Overview
- 29 J-series Software Features and Licenses
- 35 System Overview
- 35 J2320 and J2350 Services Router Hardware Features
- 36 J2320 and J2350 Chassis
- 40 J2320 and J2350 Midplane
- 40 J2320 and J2350 Routing Engine Hardware
- 41 J2320 and J2350 Boot Devices
- 41 J2320 and J2350 Front Panel
- 42 Physical Interface Modules (PIMs)
- 42 Power Button and POWER LED
- 43 STATUS LED
- 43 ALARM LED
- 44 HA LED
- 44 RESET CONFIG Button
- 45 Built-In Gigabit Ethernet Ports
- 45 Console Port
- 45 AUX Port
- 46 USB Port
- 46 J2320 and J2350 External Compact Flashes
- 46 J2320 Power System
- 46 J2350 Power System
- 47 J2320 and J2350 Cooling System
- 48 J4350 and J6350 Services Router Hardware Features
- 49 J4350 and J6350 Chassis
- 53 J4350 and J6350 Midplane
- 53 J4350 and J6350 Routing Engine Hardware
- 53 J4350 and J6350 Boot Devices
- 54 J4350 and J6350 Front Panel
- 54 Physical Interface Modules (PIMs)
- 55 Power Button and POWER LED
- 56 STATUS LED
- 56 ALARM LED
- 57 HA LED
- 57 RESET CONFIG Button
- 57 Built-In Gigabit Ethernet Ports
- 58 Console Port
- 58 AUX Port
- 58 USB Port
- 58 J4350 Power System
- 59 J6350 Power System
- 60 J4350 and J6350 Cooling System
- 61 Software Overview
- 62 Routing Engine and Packet Forwarding Engine
- 62 Kernel and Microkernel
- 62 JUNOS Software Processes
- 63 User Interfaces
- 65 PIM and VoIP Module Overview
- 66 PIM and VoIP Module Terms
- 68 Field-Replaceable PIMs
- 68 J2320 and J2350 Field-Replaceable PIM Summary
- 69 J4350 and J6350 Field-Replaceable PIM Summary
- 71 1-Port, 6-Port, 8-Port, and 16-Port Gigabit Ethernet uPIMs
- 74 1-Port Gigabit Ethernet ePIMs
- 77 Dual-Port Serial PIM
- 78 Dual-Port T1 or E1 PIM
- 79 Dual-Port Channelized T1/E1/ISDN PRI PIM
- 81 T3 or E3 PIM
- 83 Dual-Port Fast Ethernet PIM
- 84 4-Port Fast Ethernet ePIM
- 85 4-Port ISDN BRI PIMs
- 86 ADSL PIM
- 88 G.SHDSL PIM
- 89 Avaya VoIP Modules
- 89 Avaya VoIP Module Summary
- 91 TGM550 Telephony Gateway Module
- 95 TIM510 E1/T1 Telephony Interface Module
- 96 TIM514 Analog Telephony Interface Module
- 97 TIM521 BRI Telephony Interface Module
- 101 Services Router User Interface Overview
- 101 User Interface Overview
- 101 J-Web Overview
- 102 CLI Overview
- 102 Before You Begin
- 103 Using the J-Web Interface
- 103 Starting the J-Web Interface
- 104 J-Web Layout
- 105 Elements of the J-Web Interface
- 105 Top Pane Elements
- 106 Main Pane Elements
- 107 Side Pane Elements
- 107 Navigating the J-Web Interface
- 108 Navigating the Quick Configuration Pages
- 108 Navigating the J-Web Configuration Editor
- 109 Getting J-Web Help
- 110 J-Web Sessions
- 111 Using the Command-Line Interface
- 111 CLI Command Hierarchy
- 112 Starting the CLI
- 112 CLI Operational Mode
- 113 CLI Configuration Mode
- 114 CLI Basics
- 114 Editing Keystrokes
- 115 Command Completion
- 116 Online Help
- 117 Configuring the CLI Environment
- 121 Installing a Services Router
- 123 Preparing for Router Installation
- 123 General Site Guidelines
- 124 Rack Requirements
- 124 Rack Size and Strength for J2320 and J2350 Routers
- 125 Rack Size and Strength for J4350 and J6350 Routers
- 125 Connection to Building Structure
- 126 Router Environmental Tolerances
- 126 Fire Safety Requirements
- 126 Fire Suppression
- 127 Fire Suppression Equipment
- 127 Power Guidelines, Requirements, and Specifications
- 128 Site Electrical Wiring Guidelines
- 128 Signaling Limitations
- 128 Radio Frequency Interference
- 128 Electromagnetic Compatibility
- 128 Router Power Requirements
- 129 AC Power, Connection, and Power Cord Specifications
- 130 DC Power, Connection, and Power Cable Specifications
- 132 Planning for Power Management
- 134 Network Cable Specifications
- 134 ISDN Provisioning
- 134 Site Preparation Checklist
- 137 Installing and Connecting a Services Router
- 137 Before You Begin
- 138 Unpacking a J-series Services Router
- 139 Installing J2320 and J2350 Routers
- 140 Installing J4350 and J6350 Routers
- 143 Connecting Interface Cables to Services Routers
- 143 Chassis Grounding
- 144 Connecting Power
- 144 Connecting AC Power
- 146 Connecting DC Power
- 149 Powering a Services Router On and Off
- 151 Establishing Basic Connectivity
- 151 Basic Connectivity Terms
- 152 Basic Connectivity Overview
- 152 Router Identification
- 153 Root Password
- 153 Time Zone and System Time
- 154 Network Settings
- 154 Default Gateway
- 154 Backup Router
- 154 Loopback Address
- 155 Built-In Ethernet Interface Address
- 155 Management Access
- 156 Before You Begin
- 157 Connecting to a Services Router
- 157 Connecting to the J-Web Interface
- 159 Connecting to the CLI Locally
- 161 Connecting to the CLI Remotely
- 161 Configuring the Modem at the Router End
- 162 Connecting the Modem to the Console Port
- 163 Connecting to the CLI at the User End
- 163 Configuring Basic Settings with J-Web Quick Configuration
- 167 Configuring Basic Settings with a Configuration Editor
- 170 Verifying Basic Connectivity
- 171 Displaying Basic Connectivity Configurations
- 173 Configuring Secure Web Access
- 173 Secure Web Access Terms
- 174 Secure Web Access Overview
- 174 Before You Begin
- 175 Generating SSL Certificates
- 175 Configuring Secure Web Access
- 178 Configuring Secure Web Access with a Configuration Editor
- 179 Verifying Secure Web Access
- 180 Displaying an SSL Certificate Configuration
- 181 Displaying a Secure Access Configuration
- 183 Installing and Managing J-series Licenses
- 183 J-series License Overview
- 183 Software Feature Licenses
- 184 License Key Components
- 184 Before You Begin
- 185 Managing J-series Licenses with the J-Web Interface
- 186 Adding New Licenses with the J-Web Interface
- 187 Deleting Licenses with the J-Web Interface
- 187 Displaying License Keys with the J-Web Interface
- 187 Downloading Licenses with the J-Web Interface
- 187 Managing J-series Licenses with the CLI
- 187 Adding New Licenses with the CLI
- 188 Deleting a License with the CLI
- 188 Saving License Keys with the CLI
- 189 Verifying J-series License Management
- 190 Displaying Installed Licenses
- 191 Displaying License Usage
- 191 Displaying Installed License Keys
- 193 Maintaining Services Router Hardware
- 195 Replacing Hardware Components
- 195 Tools and Parts Required
- 196 Replacing the Console Port Cable
- 196 Replacing a PIM
- 196 Removing a PIM
- 198 Installing a PIM
- 199 Replacing PIM Cables
- 199 Removing PIM Cables
- 199 Installing PIM Cables
- 200 Removing and Replacing the Chassis Cover on J2320 and J2350 Routers
- 202 Replacing Internal Compact Flashes on J2320 and J2350 Routers
- 205 Replacing Internal Compact Flashes on J4350 and J6350 Routers
- 208 Replacing External Compact Flashes
- 210 Replacing USB Storage Devices
- 210 Removing the USB Storage Device
- 211 Installing the USB Storage Device
- 212 Replacing DRAM Modules
- 213 Removing a DRAM Module
- 214 Installing a DRAM Module
- 215 Replacing Power System Components
- 215 Replacing AC Power Supply Cords
- 216 Removing an AC Power Supply from J6350 Routers
- 217 Installing an AC Power Supply in J6350 Routers
- 218 Replacing DC Power Supply Cables
- 219 Removing a DC Power Supply
- 220 Installing a DC Power Supply
- 222 Replacing Crypto Accelerator Modules on J2320 and J2350 Routers
- 223 Removing a J2320 or J2350 Crypto Accelerator Module
- 224 Installing a J2320 or J2350 Crypto Accelerator Module
- 225 Replacing Crypto Accelerator Modules on J4350 and J6350 Routers
- 226 Removing a J4350 or J6350 Crypto Accelerator Module
- 227 Installing a J4350 or j6350 Crypto Accelerator Module
- 229 Replacing Air Filters on J2350 Routers
- 230 Replacing Air Filters on J4350 and J6350 Routers
- 233 Troubleshooting Hardware Components
- 233 Chassis Alarm Conditions
- 234 Troubleshooting Power Management
- 236 Contacting the Juniper Networks Technical Assistance Center
- 237 Contacting Customer Support and Returning Hardware
- 237 Locating Component Serial Numbers
- 238 J2320 and J2350 Chassis Serial Number and Agency Labels
- 239 J4350 and J6350 Chassis Serial Number and Agency Labels
- 240 PIM Serial Number Label
- 240 Power Supply Serial Number Labels
- 240 Contacting Customer Support
- 241 Information You Might Need to Supply to JTAC
- 241 Return Procedure
- 242 Packing a Router or Component for Shipment
- 242 Tools and Parts Required
- 242 Packing the Services Router for Shipment
- 243 Packing Components for Shipment
- 245 J-series Requirements and Specifications
- 247 Network Cable Specifications and Connector Pinouts
- 247 Serial PIM Cable Specifications
- 248 RS-232 DTE Cable Pinout
- 249 RS-232 DCE Cable Pinout
- 249 RS-422/449 (EIA-449) DTE Cable Pinout
- 251 RS-422/449 (EIA-449) DCE Cable Pinout
- 252 EIA-530A DTE Cable Pinout
- 253 EIA-530A DCE Cable Pinout
- 254 V.35 DTE Cable Pinout
- 255 V.35 DCE Cable Pinout
- 255 X.21 DTE Cable Pinout
- 256 X.21 DCE Cable Pinout
- 257 Fast Ethernet RJ-45 Connector Pinout
- 257 Gigabit Ethernet uPIM RJ-45 Connector Pinout
- 258 Gigabit Ethernet ePIM RJ-45 Connector Pinout
- 258 Chassis Console Port Pinouts
- 259 E1 and T1 RJ-48 Cable Pinouts
- 262 E3 and T3 BNC Connector Pinout
- 262 ADSL and G.SHDSL RJ-11 Connector Pinout
- 263 ISDN RJ-45 Connector Pinout
- 263 Connector Pinouts for Avaya VoIP Modules
- 263 TGM550 Console Port Pinouts
- 264 TGM550 RJ-11 Connector Pinout for Analog Ports
- 265 TIM510 RJ-45 Connector Pinout
- 265 TIM514 Connector Pinout
- 265 TIM521 Connector Pinout
- 267 Safety and Regulatory Compliance Information
- 267 Definition of Safety Warning Levels
- 269 Safety Guidelines and Warnings
- 269 General Safety Guidelines and Warnings
- 270 Qualified Personnel Warning
- 271 Preventing Electrostatic Discharge Damage
- 271 Electrical Safety Guidelines and Warnings
- 272 General Electrical Safety Guidelines
- 273 AC Power Electrical Safety Guidelines
- 273 Power Cable Warning (Japanese)
- 274 DC Power Electrical Safety Guidelines
- 274 Power Sources for Redundant Power Supplies
- 275 DC Power Disconnection Warning
- 276 DC Power Grounding Requirements and Warning
- 277 DC Power Wiring Sequence Warning
- 278 DC Power Wiring Terminations Warning
- 280 Grounded Equipment Warning
- 280 Warning Statement for Norway and Sweden
- 281 In Case of Electrical Accident
- 281 Multiple Power Supplies Disconnection Warning
- 282 Power Disconnection Warning
- 283 TN Power Warning
- 284 Telecommunication Line Cord Warning
- 285 Installation Safety Guidelines and Warnings
- 285 Chassis Lifting Guidelines
- 286 Installation Instructions Warning
- 286 Rack-Mounting Requirements and Warnings
- 290 Ramp Warning
- 291 Laser and LED Safety Guidelines and Warnings
- 291 General Laser Safety Guidelines
- 291 Class 1 Laser Product Warning
- 292 Class 1 LED Product Warning
- 292 Laser Beam Warning
- 293 Radiation from Open Port Apertures Warning
- 295 Maintenance and Operational Safety Guidelines and Warnings
- 295 Battery Handling Warning
- 296 Jewelry Removal Warning
- 298 Lightning Activity Warning
- 299 Operating Temperature Warning
- 300 Product Disposal Warning
- 301 Agency Approvals
- 302 Compliance Statements for Environmental Requirements
- 302 Lithium Battery
- 302 Compliance Statements for EMC Requirements
- 303 Canada
- 304 European Community
- 305 Japan
- 306 United States
- 306 FCC Part 15 Statement
- 306 FCC Part 68 Statement
- 309 Index
- 311 Index
- 311 Symbols
- 311 A
- 312 B
- 312 C
- 314 D
- 315 E
- 316 F
- 316 G
- 317 H
- 317 I
- 318 J
- 320 K
- 320 L
- 321 M
- 322 N
- 322 O
- 322 P
- 324 Q
- 324 R
- 325 S
- 327 T
- 328 U
- 328 V
- 329 W
- 329 X