Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Management Access Configuration Page Options

 
  1. Select Configure>System Properties>Management Access in the J-Web user interface if you are using SRX5400, SRX5600, or SRX5800 platform.

    Or

    Select Configure>Device Setup>Basic Settings>Management Access in the J-Web user interface.

    The Management Access configuration page appears.

  2. (Junos OS Release 18.3R1 and later releases) Select Configure>Device Setup>Basic Settings>Management Access Configuration in the J-Web user interface. Table 1 explains the contents of this page.
  3. Click one:
    • Save—Saves all the basic settings configuration and returns to the main configuration page.

      Note

      For all the configuration options under Basic Settings:

      • Tool tip on the right-side represents different icons for notifications, validation errors, and successful configuration.

      • When you make a configuration change and navigate to a different page without saving it, a pop-up message is displayed to save the configuration.

    • Commit Options>Commit—Commits the configuration and returns to the main configuration page.

    • Cancel—Cancels all your entries and returns to the main configuration page.

Table 1: Management Access Configuration Details

Field FunctionAction

Loopback Address

Specifies a loopback address for the device.

Enter the IP address.

Note: If the SRX device does not have a dedicated management port (fxp0), then Loopback Address and Subnet are the only options available for the management access configuration.

Subnet

Specifies the range of logical addresses within the address space that is assigned to an organization.

Enter the address, for example, 255.255.255.0. You can also specify the address prefix.

IPv4

Displays whether or not IPv4 is enabled.

Select this option to enable IPv4.

Note: IPv4 configuration is supported only on the SRX devices with fxp0 port.

Management Access Port

Specifies an IPv4 address for the device.

Enter the IP address.

Subnet

Specifies the range of logical addresses within the address space that is assigned to an organization.

Enter the address, for example, 255.255.255.0. You can also specify the address prefix.

Default Gateway

Specifies the default gateway address for IPv4.

Enter the IP address.

Services

Telnet

Provides secure Telnet connections.

Select this option to enable telnet.

SSH

Provides secure SSH connections.

Select this option to enable SSH.

FTP

Provides secure file transfers

Select this option to enable FTP.

Netconf

Provides NETCONF connections.

Select this option to enable NETCONF.

RFC Complaint

Provides NETCONF sessions complaint with RFC 4741.

Select this option to enable RFC complaint.

Netconf -> SSH

Provides NETCONF connections over SSH connections.

Select this option to enable Netconf -> SSH.

Trace Options

Provides NETCONF trace options.

Select this option to enable trace options.

On Demand

Provides on-demand tracing.

Select this option to enable on-demand.

No Remote Trace

Disables remote tracing.

Select this option to enable no remote tracing.

Junoscript Over Clear Text

Provides clear text based Junoscript connections.

Select this option to enable Junoscript over clear text.

Junoscript Over SSL

Provides SSL based Junoscript connections.

Select this option to enable Junoscript over SSL.

Junoscript Certificate

Provides the local certificate for SSL.

Select the local certificate for SSL from the list.

HTTP

Enables unencrypted HTTP connection settings.

Select this option to enable HTTP.

Interface

Provides interfaces that accept HTTP access.

Select the interface in order of your preference and click on the left arrow/right arrow to add.

HTTPS

Enables encrypted HTTPS connection settings.

Select this option to enable HTTPS.

Interface

Provides interfaces that accept HTTPS access.

Select the interface in order of your preference and click on the left arrow/right arrow to add.

HTTPS Certificate

Specifies the certificate that you want to use to secure the connection from the HTTPS certificates list when you enable HTTPs.

Select the HTTPS certificate form the list.

HTTPS Port

Provides TCP ports for incoming HTTPS connections.

Select the HTTPS port by clicking top or bottom arrows.

WEB API

Web API

Enables Web API configuration.

Select this option to enable Web API.

Client

Enables client for the Web API.

Select this option to enable client.

Host Name

Provides the address of permitted HTTP/HTTPS request originators.

Select this option to add or delete the address of permitted HTTP/HTTPS request originators.

To add, click + and enter the IPv4 address of the request originator.

HTTP

Enables unencrypted HTTP connection settings.

Select this option to enable HTTP.

HTTP Port

Provides TCP ports for incoming HTTP connections.

Select this option to enable HTTP port.

HTTPs

Enables encrypted HTTPS connection settings.

Select this option to enable HTTPS.

HTTPS Port

Provides TCP ports for incoming HTTPS connections.

Click top or bottom arrows to select the HTTPS port.

Certificate Type

Specifies the certificate that you want to use to secure the connection from the HTTPS certificates list when you enable HTTPs for Web API.

Select an option.

Default

-

PKI Certificate

The option available is PKI Certificate. Select a PKI certificate from the list for HTTPS of Web API.

File Path

The options available are as follows:

  • File Path:

    • Browse—Click and select a certificate from your desired location.

    • Upload—Click and upload the selected certificate.

  • Certificate—Displays the file path of the uploaded certificate.

  • Certificate Key:

    • Browse—Click and select the certificate key from your desired location.

    • Upload—Click and upload the selected certificate key.

  • Certificate Key—Displays the file path of the uploaded certificate key.

User

Provides the user credential details.

Select this option to enable user.

Name

Specifies the username.

Enter the username.

Password

Specifies the user password.

Enter the password.

REST API

REST API

Allows RPC execution over HTTP(S) connection.

Select this option to enable REST API.

Explorer

Provides the REST API explorer tool.

Select this option to enable REST API explorer.

Control

Controls the REST API process.

Select this option to enable control.

Allowed Sources

Provides the source IP address.

Click + and enter the IPv4 address of the source.

Connection Limit

Provides the maximum number of simultaneous connections.

Click top or bottom arrows to select the number of simultaneous connections.

HTTP

Enables unencrypted HTTP connections for REST API.

Select this option to enable HTTP.

Address

Provides addresses for the incoming connections for HTTP of REST API.

Click + and enter the IPv4 address.

Port

Provides ports to accept HTTP connections fr REST API.

Click top or bottom arrows to select the HTTP port.

Note: The default port for HTTP of REST API is 3000.

HTTPS

Enables encrypted HTTPS connections for REST API.

Select this option to enable HTTPS.

Address

Provides addresses for the incoming connections for HTTPS of REST API.

Click + and enter the IPv4 address.

Cipher List

Provides the Cipher suites for HTTPS of REST API.

Select the Cipher suites in order of your preference and click on the left arrow or right arrow to add.

Port

Provides the port to accept the HTTPS connection of REST API.

Click top or bottom arrows to select the HTTPS port.

Note: The default port for HTTPS of REST API is 3443.

Server Certificate

Provides the server certificate for HTTPS of REST API.

Select the server certificate from the list.

Certificate Authority Profile

Provides the certificate authority profile for HTTPS of REST API.

Select the certificate authority profile from the list.

To create Certificate Authority:

  • Click Create Certificate Authority Profile.

  • Enter the following details:

    • CA Profile *—Enter the CA profile name.

    • CA Identifier *

    • File Path on Device for Certificate:

      • Browse—Click and select the certificatefrom your desired location.

      • Upload—Click and upload the selected certificate.

    • File Path on Device for Certificate—Displays the file path of the selected certificate.

  • Click OK.

Certificate

Certificate

Specifies the certificate name to secure HTTPS connections.

Select an option:

  • To add a new certificate, click +. Then enter the certificate name and certificate content in the Create certificate page, and then click OK.

  • To edit an existing certificate, select it and click Edit or right-click on it and click Edit Row. Then, edit the certificate content in the Edit Certificate page and click OK.

  • To delete an existing certificate, select it and click Delete or right-click on it and click Delete Row.