Case Study: A Typical Base Configuration


Now that we have discussed the individual statements that go into setting up users, enabling services, and enabling remote access to the router we will look at a typical configuration example. The following statements are representative of a typical base configuration. The elements included in this base would be found on almost any Juniper Networks M-Series router, be it located in a production network or a lab environment.

No production network interfaces have been configured and no IGP has been put in place.

A user , lab , has been added and given the ability to execute all commands as needed. Another user, guest , has been added and given operator permissions. Other login classes and user accounts can be added as the need arises.

The network the router will be placed in uses NTP, and the boot server and NTP server have both been designated. The router is physically located in the United States.

The auxiliary port has been administratively enabled and will serve as a backup connection in the event that problems are encountered with the console port.

SSH services have been enabled on the router to permit encrypted remote access and file transfer across the management LAN. FTP and Telnet were intentionally left out of the configuration

System logging has been turned on and set to cache all interactive commands at the info level and higher. It will store these in up to five files with each file being allowed to reach a maximum size of 5MB. The file will not be readable by anyone except lab , root , and other super-users .

The management Ethernet interface has been configured with an IP address that puts it in the management LAN, but because there were issues with connectivity, it was necessary to override the default link speed and mode.

 lab@Chicago> edit  [edit] lab@Chicago# show version 5.0R1.4; system {     host-name Chicago;     location {         country-code us     login {         user lab {             uid 2000;             class power-user;             authentication {                 encrypted-password "$f4uMb$l.We41nx6.M8CfrFl.Wf81"; # SECRET-DATA             }         }         user guest {             uid 2001;             class operator;             authentication {                 encrypted-password "$f4uMb$l.WM8CfrFl.Wf81"; # SECRET-DATA             }         }            ntp {                boot-server 192.168.151.5;                server 192.168.10.5;                }     ports {         auxiliary {            insecure;            speed 9600;            type vt100;          }        }     services {         ssh;         }     syslog {         file bigbrother {            interactive-commands info;            archive {               files 5;               size 5M;               no-world-readable;            }        }     } } interfaces {     fxp0 {         speed 100m;         link-mode full-duplex;         unit 0 {             family inet {                 address 192.168.161.23/24;             }         }     } } [edit] lab@Chicago# 


Juniper Networks Reference Guide. JUNOS Routing, Configuration, and Architecture
Juniper Networks Reference Guide: JUNOS Routing, Configuration, and Architecture: JUNOS Routing, Configuration, and Architecture
ISBN: 0201775921
EAN: 2147483647
Year: 2002
Pages: 176

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net