Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Deploying and Configuring the Policy Enforcer with OVA files

    As with other Juniper Networks virtual appliances, Policy Enforcer requires either a VMware ESX server version 4.0 or later or a VMware ESXi server version 4.0 or later that can support a virtual machine with the following configuration:

    • 1 CPU
    • 8-GB RAM
    • 120-GB disk space

    If you are not familiar with using VMware ESX or EXSi servers, see VMware Documentation and select the appropriate VMware vSphere version.

    To deploy and configure the Policy Enforcer with OVA files, perform the following tasks:

    1. Download the Policy Enforcer virtual machine OVA image from the Juniper Networks software download page.

      Note: Do not change the name of the Policy Enforcer virtual machine image file that you download from the Juniper Networks support site. If you change the name of the image file, the creation of the Policy Enforcer virtual machine can fail.

    2. Launch the vSphere Client that is connected to the ESX server where the Policy Enforcer virtual machine is to be deployed.
    3. Select File > Deploy OVF Template from the menu bar.
    4. Click Browse to locate the OVA file you downloaded in Step 1.
    5. Click Next and follow the instructions in the installation wizard.

      It may take a few minutes to deploy your virtual machine. Once deployed, its name appears in the left side of the vSphere Client.

    6. Right-click the virtual machine name in the left side of the vSphere Client and select Open Console to start configuring your network settings.
    7. Log in to your virtual machine using root and abc123 as the username and password, respectively. You will be required to change the password at a later step.

      The welcome page appears.

    8. Click OK.

      The End User License Agreement (EULA) window appears.

    9. Click Accept to acknowledge the EULA. If you do not agree with the EULA, click Cancel. Your configuration will stop and you will return to the main vSphere Client page.

      The Network configuration page appears. See Figure 1.

      Figure 1: Defining the Basic Network Configuration Settings

      Defining the Basic Network Configuration
Settings
    10. Enter the following configuration information.

      Option

      Description

      Hostname

      Enter the hostname for the Policy Enforcer virtual machine; for example, pe.juniper.net.

      IP address

      Enter the IP address for the Policy Enforcer virtual machine.

      Note: Make note of this IP address as you’ll need it in a later step.

      Network mask

      Enter the netmask for the Policy Enforcer virtual machine.

      Default gateway

      Enter the IP address of the default gateway that connects your internal network to external networks.

      Primary DNS server

      Enter the IP address of your primary system registered to join the Domain Name System (DNS).

      Secondary DNS server

      Enter the IP address of a secondary DNS server. Policy Enforcer uses this address only when the primary DNS server is unavailable.

      Skip DNS servers check

      Select this check box if you do not want to check basic network settings. By default, the system will ping the gateway to ensure it receives a response indicating your settings are correct.

    11. Click Apply Changes.

      Your network settings are applied. A progress window indicates the status.

      When the system is finished updating your network settings, an NTP server window appears and prompts you to configure the NTP server list. See Figure 2.

      Figure 2: Prompt for Configuring the NTP Servers

      Prompt for Configuring
the NTP Servers
    12. Click Yes to customize the NTP server list. Click No to use the default list of 0, 1, 2 and 3.centos.pool.ntp.org.
    13. (Optional) Specify the NTP servers to use. See Figure 3. Click Apply Changes to accept your edits, Clear All to clear all fields in this window, or Cancel to discard any edits and continue to the next step.

      Figure 3: Configuring the NTP Servers

      Configuring the NTP Servers

      The Customer Information page appears. See Figure 4.

    14. Enter your customer ID. This is your SiteID tied to your support account, that entitles you to use Policy Enforcer. If you don’t have a support account with Juniper, then enter any unique 4-128 alphanumeric field (for example cust01) to identify this installation of Policy Enforcer.

      Figure 4: Entering Customer Information

      Entering Customer Information
    15. Click OK.

      The Root password change page appears. See Figure 5.

      Figure 5: Changing the Root Password

      Changing the Root Password
    16. Enter and re-enter a new administrator password for the Policy Enforcer virtual machine.

      Password restrictions are listed in the screen.

      Note: Make note of this password as you’ll need it in a later step.

      If you forget your password, see CentOS root password reset instructions.

    17. Click OK.

      The Juniper Networks Policy Enforcer page appears. See Figure 6.

      Figure 6: Reviewing and Changing Your Configuration Settings.

      Reviewing and Changing Your Configuration
Settings.
    18. Select one of the options and press Enter.

      Option

      Description

      Review configuration and finish setup

      Lets you review the configuration settings you defined one last time before applying them to the Policy Enforcer virtual machine.

      We recommend that you do not change your configuration settings after Policy Enforcer is set up within Security Director.

      Change...

      Select a setting to update its value.

      Troubleshooting menu

      Lets you ping the default gateway and custom IP address and lets you perform a DNS lookup to verify that your settings are correct.

      The Review configuration page appears. See Figure 7.

      Figure 7: Reviewing Your Configuration Settings

      Reviewing Your Configuration Settings
    19. Review your configuration settings and click Finish setup. To change any of the settings, click Change configuration.

      When you click Finish setup, the configuration settings are applied to the Policy Enforcer virtual machine. A status page indicates the progress.

      When done, the Setup Complete page appears.

    20. Click Finish to return to the main vSphere Client page.

      Note: Each time you log in to the Policy Enforcer virtual machine, you are given the option to review or change any of these settings.

    Modified: 2017-09-20