NOTE: On SRX240 Services Gateway, the fabric link connection can be any
pair of Gigabit Ethernet interfaces.
Junos OS automatically creates the fxp0 and fxp1 interfaces on these ports when the
SRX240 Services Gateway is operating in chassis cluster mode.
For more information, see the following guides:
•
Security Basics
•
Interfaces for Security Devices
Understanding Management Access
Telnet allows you to connect to the services gateway and access the CLI to execute
commands from a remote system. Telnet CLI connections are not encrypted and therefore
can be intercepted.
NOTE: Telnet access to the root user is prohibited. You must use more secure
methods, such as SSH, to log in as root.
SSH provides the following features:
•
Allows you to connect to the services gateway and access the CLI to execute commands
from a remote system
•
Encrypts traffic so that it cannot be intercepted (unlike Telnet)
•
Can be configured so that connections are authenticated by a digital certificate
•
Uses public–private key technology for both connection and authentication
The SSH client software must be installed on the machine where the client application
runs. If the SSH private key is encrypted (for greater security), the SSH client must be
able to access the passphrase used to decrypt the key.
For information about obtaining SSH software, see http://www.ssh.com and
http://www.openssh.com.
If you are using a Junos XML protocol server to configure and monitor devices, you can
activate cleartext access on the device to allow unencrypted text to be sent directly over
a Transmission Line Protocol (TCP) connection without using any additional protocol
(such as SSH, SSL, or Telnet). For more information about the Junos XML management
protocol, see the Junos XML Management Protocol Guide.
NOTE: Information sent in cleartext is not encrypted and therefore can be
intercepted.
Copyright © 2015, Juniper Networks, Inc.82
SRX240 Services Gateway Hardware Guide
To Next Page
Loading...
Need help?
General
