Services Routers Hardware Guide

ManualsBrandsJuniper Networks ManualsNetwork RouterJ-series Services Router J2350

111

112

113

114

115

116

117

118

119

120

With the router temporarily acting as a DHCP server, you can manually configure it

with the J-Web interface. Any DHCP client host, for example, a PC or laptop computer,

directly connected to ge-0/0/0 receives an address on the 192.168.1.1/24 network.

NOTE: The DHCP functionality for initial setup is different from the configurable

DHCP server functionality of the Services Router during operation. To configure the

Services Router as a DHCP server, see the JUNOS Software Administration Guide.

Once you connect your laptop or PC to ge-0/0/0, you can use a Web browser to visit

the address 192.168.1.1/24, access the J-Web Set Up Quick Configuration page, and

complete the initial configuration of the router.

After you perform the initial configuration and commit it by clicking Apply or OK

on the Set Up page, the configured router can no longer act as a DHCP server.

Therefore, to continue using ge-0/0/0 as a management interface you must configure

the IP address of the interface as part of the initial configuration.

Management Access

Telnet allows you to connect to the Services Router and access the CLI to execute

commands from a remote system. Telnet connections are not encrypted and therefore

can be intercepted.

Telnet access to the root user is prohibited. You must use more secure methods,

such as SSH, to log in as root.

If you are using a JUNOScript server to configure and monitor routers, you can activate

clear-text access on the router to allow unencrypted text to be sent directly over a

TCP connection without using any additional protocol (such as SSH, SSL, or Telnet).

Information sent in clear text is not encrypted and therefore can be intercepted. For

more information about the JUNOScript application programming interface (API),

see the JUNOScript API Guide.

SSH also allows you to connect to the router and access the CLI to execute commands

from a remote system. However, unlike Telnet, SSH encrypts traffic so that it cannot

be intercepted.

SSH can be configured so that connections are authenticated by a digital certificate.

SSH uses public-private key technology for both connection and authentication. The

SSH client software must be installed on the machine where the client application

runs. If the SSH private key is encrypted (for greater security), the SSH client must

be able to access the passphrase used to decrypt the key.

For information about obtaining SSH software, see http://www.ssh.com and

http://www.openssh.com.

Before You Begin

Before you begin initial configuration, complete the following tasks:

Before You Begin ■ 95

Chapter 6: Establishing Basic Connectivity