Contents

ContentsHide

J-Web User Guide for SRX Series Devices
- About the Documentation
- Juniper Web Device Manager
  - Getting Started
- Dashboard
  - J-Web Dashboard
    - Dashboard Overview
- Monitor
- Configure
  - Device Settings
    - Configure Basic Settings
    - Configure Chassis Cluster
    - Configure Cluster (HA) Setup
    - Configure PPPoE
    - Configure VPN
    - Configure NAT
  - Setup Wizard
    - Configure Setup Wizard
  - Interfaces—Ports
    - About the Ports Page
    - Add a Logical Interface
    - Edit a Logical Interface
    - Delete Logical Interface
  - Interfaces—Interconnecting Ports
    - About the Interconnecting Ports Page
    - Add a LT Logical Interface
    - Edit a LT Logical Interface
    - Delete Logical Interface
    - Search for Text in an Interconnect Ports Table
  - Interfaces—VLAN
    - About the VLAN Page
    - Add a VLAN
    - Edit a VLAN
    - Delete VLAN
    - Assign an Interface to VLAN
  - Interfaces—Link Aggregation
    - About the Link Aggregation Page
    - Link Aggregation Global Settings
    - Add a Logical Interface to Link Aggregation
    - Add a Link Aggregation
    - Edit an Aggregated Interface
    - Delete Link Aggregation
    - Search for Text in the Link Aggregation Table
  - Network— DHCP Client
    - About the DHCP Client Page
    - Add DHCP Client Information
    - Delete DHCP Client Information
  - Network—DHCP Server
    - About the DHCP Server Page
    - Add a DHCP Pool
    - Edit a DHCP Pool
    - Delete DHCP Pool
    - DHCP Groups Global Settings
    - Add a DHCP Group
    - Edit a DHCP Group
    - Delete DHCP Group
  - Network—Routing Instances
    - About the Routing Instances Page
    - Add a Routing Instance
    - Edit a Routing Instance
    - Delete Routing Instance
  - Network—Static Routing
    - About the Static Routing Page
    - Add a Static Route
    - Edit a Static Route
    - Delete Static Route
  - Network—RIP Routing
    - About the RIP Page
    - Add a RIP Instance
    - Edit a RIP Instance
    - Delete RIP Instance
    - Edit RIP Global Settings
    - Delete RIP Global Settings
  - Network—OSPF Routing
    - About the OSPF Page
    - Add an OSPF
    - Edit an OSPF
    - Delete OSPF
  - Network—BGP Routing
    - About the BGP Page
    - Add a BGP Group
    - Edit a BGP Group
    - Delete a BGP Group
    - Edit Global Information
  - Network—ALG
    - About the ALG Page
  - Network—Forwarding Mode
    - About the Forwarding Mode Page
  - Network—Policies
    - About the Policies Page
    - Global Options
    - Add a Policy
    - Clone a Policy
    - Edit a Policy
    - Delete Policy
    - Test a Policy
  - Network—DS-Lite
    - About the DS-Lite Page
    - Add a DS-Lite
    - Edit a DS-Lite
    - Delete DS-Lite
  - Network—CoS Value Alias
    - About the Value Alias Configuration Page
    - Add a Code Point Alias
    - Edit a Code Point Alias
    - Delete Code Point Alias
  - Network—CoS Forwarding Classes
    - About the Forwarding Classes Page
    - Add a Forwarding Class
    - Edit a Forwarding Class
    - Delete Forwarding Class
  - Network—CoS Classifiers
    - About the Classifiers Page
    - Add a Classifier
    - Edit a Classifier
    - Delete Classifier
  - Network—CoS Rewrite Rules
    - About the Rewrite Rules Page
    - Add a Rewrite Rule
    - Edit a Rewrite Rule
    - Delete Rewrite Rule
  - Network—CoS Schedulers
    - About the Schedulers Page
    - Add a Scheduler
    - Edit a Scheduler
    - Delete Scheduler
  - Network—CoS Scheduler Maps
    - About the Scheduler Maps Page
    - Add a Scheduler Map
    - Edit a Scheduler Map
    - Delete Scheduler Map
  - Network—CoS Drop Profile
    - About the Drop Profile Page
    - Add a Drop Profile
    - Edit a Drop Profile
    - Delete Drop Profile
  - Network—CoS Virtual Channel Groups
    - About the Virtual Channel Groups Page
    - Add a Virtual Channel
    - Edit a Virtual Channel
    - Delete Virtual Channel
  - Network—CoS Assign To Interface
    - About the Assign To Interface Page
    - Edit a Port
    - Add a Logical Interface
    - Edit a Logical Interface
    - Delete Logical Interface
  - User Management
    - About the User Management Page
    - Add an User
    - Edit an User
    - Delete User
  - Users—Access Profile
    - About the Access Profile Page
    - Add an Access Profile
    - Edit an Access Profile
    - Delete an Access Profile
  - Users—Firewall Authentication
    - About the Firewall Authentication Page
  - Users—UAC Settings
    - About the UAC Settings Page
  - Security Objects—Application Tracking
    - About the Application Tracking Page
  - Security Objects—Address Pools
    - About the Address Pools Page
    - Add an Address Pool
    - Edit an Address Pool
    - Delete Address Pool
    - Search for Text in an Address Pools Table
  - Security Services—Policy Rules
    - About the Rules Page
    - Global Options
    - Add a Rule
    - Clone a Rule
    - Edit a Rule
    - Delete Rules
  - Security Services—Policy Objects Zones/Screens
    - About the Zones/Screens Page
    - Add a Zone
    - Edit a Zone
    - Delete Zone
    - Add a Screen
    - Edit a Screen
    - Delete Screen
  - Security Services—Policy Objects Services
    - About the Services Page
    - Add a Custom Application
    - Edit a Custom Application
    - Delete Custom Application
    - Add an Application Group
    - Edit an Application Group
    - Delete Application Group
  - Security Services—Policy Objects Zone Addresses
    - About the Zone Addresses Page
    - Add Zone Addresses
    - Clone Zone Addresses
    - Edit Zone Addresses
    - Delete Zone Addresses
    - Search Text in a Zone Addresses Table
  - Security Services—Policy Objects Global Addresses
    - About the Global Addresses Page
    - Add an Address Book
    - Edit an Address Book
    - Delete Address Book
  - Security Services—Policy Objects Proxy Profiles
    - About the Proxy Profiles Page
    - Add a Proxy Profile
    - Edit a Proxy Profile
    - Delete Proxy Profile
  - Security Services—Policy Objects Schedules
    - About the Schedules Page
    - Add a Schedule
    - Clone a Schedule
    - Edit a Schedule
    - Delete Schedule
    - Search Text in Schedules Table
  - Security Services—IPv4 Firewall Filters
    - About the IPv4 Page
    - Add IPv4 Firewall Filters
  - Security Services—IPv6 Firewall Filters
    - About the IPv6 Page
    - Add IPv6 Firewall Filters
  - Security Services—Firewall Filters—Assign to Interfaces
    - About the Assign to Interfaces Page
  - Security Services—Source NAT
    - About the Source Page
    - Global Settings
    - Add a Source Rule Set
    - Edit a Source Rule Set
    - Delete Source Rule Set
    - Add a Source NAT Pool
    - Edit a Source NAT Pool
    - Delete Source NAT Pool
  - Security Services—Destination NAT
    - About the Destination Page
    - Add a Destination Rule Set
    - Edit a Destination Rule Set
    - Delete Destination Rule Set
    - Add a Destination NAT Pool
    - Edit a Destination NAT Pool
    - Delete Destination NAT Pool
  - Security Services—Static NAT
    - About the Static Page
    - Add a Static Rule Set
    - Edit a Static Rule Set
    - Delete Static Rule Set
  - Security Services—NAT Proxy ARP/ND
    - About the Proxy ARP/ND Page
    - Add a Proxy ARP
    - Edit a Proxy ARP
    - Delete a Proxy ARP
    - Add a Proxy ND
    - Edit a Proxy ND
    - Delete Proxy ND
  - Security Services—App Secure Application Signatures
    - About the Application Signatures Page
    - Global Settings
    - Add Application Signatures
    - Clone Application Signatures
    - Add Application Signatures Group
    - Edit Application Signatures
    - Delete Application Signatures
    - Search Text in an Application Signatures Table
  - Security Services—UTM Default Configuration
    - About the Default Configuration Page
    - Edit a Default Configuration
    - Delete Default Configuration
  - Security Services—UTM Antivirus
    - About the Antivirus Page
    - Add an Antivirus Profile
    - Clone an Antivirus Profile
    - Edit an Antivirus Profile
    - Delete Antivirus Profile
  - Security Services—UTM Web Filtering
    - About the Web Filtering Page
    - Add a Web Filtering Profile
    - Clone a Web Filtering Profile
    - Edit a Web Filtering Profile
    - Delete Web Filtering Profile
  - Security Services—UTM Category Update
    - About the Category Update Page
    - Category Update Settings
    - Download and Install Settings
  - Security Services—UTM Antispam Profiles
    - About the Antispam Page
    - Add an Antispam Profile
    - Clone an Antispam Profile
    - Edit an Antispam Profile
    - Delete Antispam Profile
  - Security Services—UTM Content Filtering
    - About the Content Filtering Page
    - Add a Content Filtering Profile
    - Clone a Content Filtering Profile
    - Edit a Content Filtering Profile
    - Delete Content Filtering Profile
  - Security Services—UTM Custom Objects
    - About the Custom Objects Page
    - Add a MIME Pattern List
    - Add a File Extension List
    - Add a Protocol Command List
    - Add a URL Pattern List
    - Add a URL Category List
    - Add a Custom Message List
    - Clone Custom Objects
    - Edit Custom Objects
    - Delete Custom Objects
  - Security Services—UTM Policy
    - About the Policy Page
    - Add a UTM Policy
    - Clone a UTM Policy
    - Edit a UTM Policy
    - Delete UTM Policy
  - Security Services—IPS Signature Update
    - About the Signature Update Page
    - Download an IPS Signature
    - Install an IPS Signature
    - Check Status of the IPS Signature
    - IPS Signature Download Setting
  - Security Services—IPS Sensor
    - About the Sensor Page
  - Security Services—IPS Policy
    - About the Policy Page
    - IDP Policy Template
    - Check Status of the IDP Policy
    - Add an IDP Policy
    - Clone an IDP Policy
    - Edit an IDP Policy
    - Delete IDP Policy
  - Security Services—Threat Prevention Policies
    - About the Threat Prevention Policies Page
    - Add a Threat Prevention Policy
    - Edit a Threat Prevention Policy
    - Delete Threat Prevention Policy
  - Security Services—IPsec VPN
    - About the IPsec VPN Page
    - IPsec VPN Global Settings
    - Create an IPsec VPN
    - Edit an IPsec VPN
    - Delete an IPsec VPN
  - Security Services—VPN IKE (Phase I)
    - About the IKE (Phase I) Page
    - Add a Gateway
    - Add an IPsec Policy
    - Add a Proposal
    - Edit an IKE (Phase I) Configuration
    - Delete IKE (Phase I) Configuration
  - Security Services—VPN IPsec (Phase II)
    - About the IKE (Phase II) Page
    - Add a VPN
    - Add an IPsec Policy
    - Add a Proposal
    - Edit an IKE (Phase II) Configuration
    - Delete IKE (Phase II) Configuration
  - Security Services—Manual Key VPN
    - About the Manual Key VPN Page
    - Add a Manual Key VPN
    - Edit a Manual Key VPN
    - Delete Manual Key VPN
  - Security Services—Dynamic VPN
    - About the Dynamic VPN Page
    - Global Settings
    - IPsec Template
    - Add a Dynamic VPN
    - Edit a Dynamic VPN
    - Delete Dynamic VPN
  - Security Services—User Firewall Active Directory
    - About the Active Directory Page
  - Security Services—User Firewall Authentication Priority
    - About the Auth Priority Page
  - Security Services—User Firewall Local Authentication
    - About the Local Auth Page
    - Add a Local Auth Entry
    - Delete a Local Auth Entry
  - Security Services—User Firewall Identity Management
    - About the Identity Management Page
    - Add an Identity Management Profile
    - Edit an Identity Management Profile
    - Delete Identity Management Profile
  - Security Services—SSL Initiation Profiles
    - About the SSL Initiation Profile Page
    - Add a SSL Initiation Profile
    - Edit a SSL Initiation Profile
    - Delete SSL Initiation Profile
  - Security Services—SSL Proxy Profiles
    - About the SSL Proxy Page
    - Add a SSL Proxy Profile
    - Clone a SSL Proxy Profile
    - Edit a SSL Proxy Profile
    - Delete SSL Proxy Profile
  - Security Services—ICAP Redirect
    - About the ICAP Redirect Profile Page
    - Add an ICAP Redirect Profile
    - Edit an ICAP Redirect Profile
    - Delete ICAP Redirect Profile
  - Wireless LAN—Settings
    - About the Settings Page
    - Create an Access Point
    - Edit an Access Point
    - Delete Access Point
    - Create an Access Point Radio Settings
    - Edit an Access Point Radio Settings
    - Delete Access Point Radio Settings
  - Multi Tenancy—Logical Systems
    - About the Logical Systems Page
    - Add a Logical System
    - Edit a Logical System
    - Delete Logical System
    - Search Text in Logical Systems Table
  - Multi Tenancy—Resource Profiles
    - About the Resource Profiles Page
    - Global Settings
    - Add a Resource Profile
    - Edit a Resource Profile
    - Delete Resource Profile
  - Multi Tenancy—Tenants
    - About the Tenants Page
    - Add a Tenant
    - Edit a Tenant
    - Delete Tenant
    - Search Text in Tenants Table
- Reports
  - Reports
    - About Reports Page
- Administration
  - Devices
  - License Management
    - Manage Your Licenses
  - Certificate Management
  - Network Monitoring
    - Monitor Chassis Alarm
    - Monitor System Alarm
  - RPM
    - Setup RPM
    - View RPM
  - Tools
  - Sky ATP Enrollment
    - Enroll Your Device with Juniper Sky ATP

ContentsHide

J-Web User Guide for SRX Series Devices
- About the Documentation
- Juniper Web Device Manager
  - Getting Started
- Dashboard
  - J-Web Dashboard
    - Dashboard Overview
- Monitor
- Configure
  - Device Settings
    - Configure Basic Settings
    - Configure Chassis Cluster
    - Configure Cluster (HA) Setup
    - Configure PPPoE
    - Configure VPN
    - Configure NAT
  - Setup Wizard
    - Configure Setup Wizard
  - Interfaces—Ports
    - About the Ports Page
    - Add a Logical Interface
    - Edit a Logical Interface
    - Delete Logical Interface
  - Interfaces—Interconnecting Ports
    - About the Interconnecting Ports Page
    - Add a LT Logical Interface
    - Edit a LT Logical Interface
    - Delete Logical Interface
    - Search for Text in an Interconnect Ports Table
  - Interfaces—VLAN
    - About the VLAN Page
    - Add a VLAN
    - Edit a VLAN
    - Delete VLAN
    - Assign an Interface to VLAN
  - Interfaces—Link Aggregation
    - About the Link Aggregation Page
    - Link Aggregation Global Settings
    - Add a Logical Interface to Link Aggregation
    - Add a Link Aggregation
    - Edit an Aggregated Interface
    - Delete Link Aggregation
    - Search for Text in the Link Aggregation Table
  - Network— DHCP Client
    - About the DHCP Client Page
    - Add DHCP Client Information
    - Delete DHCP Client Information
  - Network—DHCP Server
    - About the DHCP Server Page
    - Add a DHCP Pool
    - Edit a DHCP Pool
    - Delete DHCP Pool
    - DHCP Groups Global Settings
    - Add a DHCP Group
    - Edit a DHCP Group
    - Delete DHCP Group
  - Network—Routing Instances
    - About the Routing Instances Page
    - Add a Routing Instance
    - Edit a Routing Instance
    - Delete Routing Instance
  - Network—Static Routing
    - About the Static Routing Page
    - Add a Static Route
    - Edit a Static Route
    - Delete Static Route
  - Network—RIP Routing
    - About the RIP Page
    - Add a RIP Instance
    - Edit a RIP Instance
    - Delete RIP Instance
    - Edit RIP Global Settings
    - Delete RIP Global Settings
  - Network—OSPF Routing
    - About the OSPF Page
    - Add an OSPF
    - Edit an OSPF
    - Delete OSPF
  - Network—BGP Routing
    - About the BGP Page
    - Add a BGP Group
    - Edit a BGP Group
    - Delete a BGP Group
    - Edit Global Information
  - Network—ALG
    - About the ALG Page
  - Network—Forwarding Mode
    - About the Forwarding Mode Page
  - Network—Policies
    - About the Policies Page
    - Global Options
    - Add a Policy
    - Clone a Policy
    - Edit a Policy
    - Delete Policy
    - Test a Policy
  - Network—DS-Lite
    - About the DS-Lite Page
    - Add a DS-Lite
    - Edit a DS-Lite
    - Delete DS-Lite
  - Network—CoS Value Alias
    - About the Value Alias Configuration Page
    - Add a Code Point Alias
    - Edit a Code Point Alias
    - Delete Code Point Alias
  - Network—CoS Forwarding Classes
    - About the Forwarding Classes Page
    - Add a Forwarding Class
    - Edit a Forwarding Class
    - Delete Forwarding Class
  - Network—CoS Classifiers
    - About the Classifiers Page
    - Add a Classifier
    - Edit a Classifier
    - Delete Classifier
  - Network—CoS Rewrite Rules
    - About the Rewrite Rules Page
    - Add a Rewrite Rule
    - Edit a Rewrite Rule
    - Delete Rewrite Rule
  - Network—CoS Schedulers
    - About the Schedulers Page
    - Add a Scheduler
    - Edit a Scheduler
    - Delete Scheduler
  - Network—CoS Scheduler Maps
    - About the Scheduler Maps Page
    - Add a Scheduler Map
    - Edit a Scheduler Map
    - Delete Scheduler Map
  - Network—CoS Drop Profile
    - About the Drop Profile Page
    - Add a Drop Profile
    - Edit a Drop Profile
    - Delete Drop Profile
  - Network—CoS Virtual Channel Groups
    - About the Virtual Channel Groups Page
    - Add a Virtual Channel
    - Edit a Virtual Channel
    - Delete Virtual Channel
  - Network—CoS Assign To Interface
    - About the Assign To Interface Page
    - Edit a Port
    - Add a Logical Interface
    - Edit a Logical Interface
    - Delete Logical Interface
  - User Management
    - About the User Management Page
    - Add an User
    - Edit an User
    - Delete User
  - Users—Access Profile
    - About the Access Profile Page
    - Add an Access Profile
    - Edit an Access Profile
    - Delete an Access Profile
  - Users—Firewall Authentication
    - About the Firewall Authentication Page
  - Users—UAC Settings
    - About the UAC Settings Page
  - Security Objects—Application Tracking
    - About the Application Tracking Page
  - Security Objects—Address Pools
    - About the Address Pools Page
    - Add an Address Pool
    - Edit an Address Pool
    - Delete Address Pool
    - Search for Text in an Address Pools Table
  - Security Services—Policy Rules
    - About the Rules Page
    - Global Options
    - Add a Rule
    - Clone a Rule
    - Edit a Rule
    - Delete Rules
  - Security Services—Policy Objects Zones/Screens
    - About the Zones/Screens Page
    - Add a Zone
    - Edit a Zone
    - Delete Zone
    - Add a Screen
    - Edit a Screen
    - Delete Screen
  - Security Services—Policy Objects Services
    - About the Services Page
    - Add a Custom Application
    - Edit a Custom Application
    - Delete Custom Application
    - Add an Application Group
    - Edit an Application Group
    - Delete Application Group
  - Security Services—Policy Objects Zone Addresses
    - About the Zone Addresses Page
    - Add Zone Addresses
    - Clone Zone Addresses
    - Edit Zone Addresses
    - Delete Zone Addresses
    - Search Text in a Zone Addresses Table
  - Security Services—Policy Objects Global Addresses
    - About the Global Addresses Page
    - Add an Address Book
    - Edit an Address Book
    - Delete Address Book
  - Security Services—Policy Objects Proxy Profiles
    - About the Proxy Profiles Page
    - Add a Proxy Profile
    - Edit a Proxy Profile
    - Delete Proxy Profile
  - Security Services—Policy Objects Schedules
    - About the Schedules Page
    - Add a Schedule
    - Clone a Schedule
    - Edit a Schedule
    - Delete Schedule
    - Search Text in Schedules Table
  - Security Services—IPv4 Firewall Filters
    - About the IPv4 Page
    - Add IPv4 Firewall Filters
  - Security Services—IPv6 Firewall Filters
    - About the IPv6 Page
    - Add IPv6 Firewall Filters
  - Security Services—Firewall Filters—Assign to Interfaces
    - About the Assign to Interfaces Page
  - Security Services—Source NAT
    - About the Source Page
    - Global Settings
    - Add a Source Rule Set
    - Edit a Source Rule Set
    - Delete Source Rule Set
    - Add a Source NAT Pool
    - Edit a Source NAT Pool
    - Delete Source NAT Pool
  - Security Services—Destination NAT
    - About the Destination Page
    - Add a Destination Rule Set
    - Edit a Destination Rule Set
    - Delete Destination Rule Set
    - Add a Destination NAT Pool
    - Edit a Destination NAT Pool
    - Delete Destination NAT Pool
  - Security Services—Static NAT
    - About the Static Page
    - Add a Static Rule Set
    - Edit a Static Rule Set
    - Delete Static Rule Set
  - Security Services—NAT Proxy ARP/ND
    - About the Proxy ARP/ND Page
    - Add a Proxy ARP
    - Edit a Proxy ARP
    - Delete a Proxy ARP
    - Add a Proxy ND
    - Edit a Proxy ND
    - Delete Proxy ND
  - Security Services—App Secure Application Signatures
    - About the Application Signatures Page
    - Global Settings
    - Add Application Signatures
    - Clone Application Signatures
    - Add Application Signatures Group
    - Edit Application Signatures
    - Delete Application Signatures
    - Search Text in an Application Signatures Table
  - Security Services—UTM Default Configuration
    - About the Default Configuration Page
    - Edit a Default Configuration
    - Delete Default Configuration
  - Security Services—UTM Antivirus
    - About the Antivirus Page
    - Add an Antivirus Profile
    - Clone an Antivirus Profile
    - Edit an Antivirus Profile
    - Delete Antivirus Profile
  - Security Services—UTM Web Filtering
    - About the Web Filtering Page
    - Add a Web Filtering Profile
    - Clone a Web Filtering Profile
    - Edit a Web Filtering Profile
    - Delete Web Filtering Profile
  - Security Services—UTM Category Update
    - About the Category Update Page
    - Category Update Settings
    - Download and Install Settings
  - Security Services—UTM Antispam Profiles
    - About the Antispam Page
    - Add an Antispam Profile
    - Clone an Antispam Profile
    - Edit an Antispam Profile
    - Delete Antispam Profile
  - Security Services—UTM Content Filtering
    - About the Content Filtering Page
    - Add a Content Filtering Profile
    - Clone a Content Filtering Profile
    - Edit a Content Filtering Profile
    - Delete Content Filtering Profile
  - Security Services—UTM Custom Objects
    - About the Custom Objects Page
    - Add a MIME Pattern List
    - Add a File Extension List
    - Add a Protocol Command List
    - Add a URL Pattern List
    - Add a URL Category List
    - Add a Custom Message List
    - Clone Custom Objects
    - Edit Custom Objects
    - Delete Custom Objects
  - Security Services—UTM Policy
    - About the Policy Page
    - Add a UTM Policy
    - Clone a UTM Policy
    - Edit a UTM Policy
    - Delete UTM Policy
  - Security Services—IPS Signature Update
    - About the Signature Update Page
    - Download an IPS Signature
    - Install an IPS Signature
    - Check Status of the IPS Signature
    - IPS Signature Download Setting
  - Security Services—IPS Sensor
    - About the Sensor Page
  - Security Services—IPS Policy
    - About the Policy Page
    - IDP Policy Template
    - Check Status of the IDP Policy
    - Add an IDP Policy
    - Clone an IDP Policy
    - Edit an IDP Policy
    - Delete IDP Policy
  - Security Services—Threat Prevention Policies
    - About the Threat Prevention Policies Page
    - Add a Threat Prevention Policy
    - Edit a Threat Prevention Policy
    - Delete Threat Prevention Policy
  - Security Services—IPsec VPN
    - About the IPsec VPN Page
    - IPsec VPN Global Settings
    - Create an IPsec VPN
    - Edit an IPsec VPN
    - Delete an IPsec VPN
  - Security Services—VPN IKE (Phase I)
    - About the IKE (Phase I) Page
    - Add a Gateway
    - Add an IPsec Policy
    - Add a Proposal
    - Edit an IKE (Phase I) Configuration
    - Delete IKE (Phase I) Configuration
  - Security Services—VPN IPsec (Phase II)
    - About the IKE (Phase II) Page
    - Add a VPN
    - Add an IPsec Policy
    - Add a Proposal
    - Edit an IKE (Phase II) Configuration
    - Delete IKE (Phase II) Configuration
  - Security Services—Manual Key VPN
    - About the Manual Key VPN Page
    - Add a Manual Key VPN
    - Edit a Manual Key VPN
    - Delete Manual Key VPN
  - Security Services—Dynamic VPN
    - About the Dynamic VPN Page
    - Global Settings
    - IPsec Template
    - Add a Dynamic VPN
    - Edit a Dynamic VPN
    - Delete Dynamic VPN
  - Security Services—User Firewall Active Directory
    - About the Active Directory Page
  - Security Services—User Firewall Authentication Priority
    - About the Auth Priority Page
  - Security Services—User Firewall Local Authentication
    - About the Local Auth Page
    - Add a Local Auth Entry
    - Delete a Local Auth Entry
  - Security Services—User Firewall Identity Management
    - About the Identity Management Page
    - Add an Identity Management Profile
    - Edit an Identity Management Profile
    - Delete Identity Management Profile
  - Security Services—SSL Initiation Profiles
    - About the SSL Initiation Profile Page
    - Add a SSL Initiation Profile
    - Edit a SSL Initiation Profile
    - Delete SSL Initiation Profile
  - Security Services—SSL Proxy Profiles
    - About the SSL Proxy Page
    - Add a SSL Proxy Profile
    - Clone a SSL Proxy Profile
    - Edit a SSL Proxy Profile
    - Delete SSL Proxy Profile
  - Security Services—ICAP Redirect
    - About the ICAP Redirect Profile Page
    - Add an ICAP Redirect Profile
    - Edit an ICAP Redirect Profile
    - Delete ICAP Redirect Profile
  - Wireless LAN—Settings
    - About the Settings Page
    - Create an Access Point
    - Edit an Access Point
    - Delete Access Point
    - Create an Access Point Radio Settings
    - Edit an Access Point Radio Settings
    - Delete Access Point Radio Settings
  - Multi Tenancy—Logical Systems
    - About the Logical Systems Page
    - Add a Logical System
    - Edit a Logical System
    - Delete Logical System
    - Search Text in Logical Systems Table
  - Multi Tenancy—Resource Profiles
    - About the Resource Profiles Page
    - Global Settings
    - Add a Resource Profile
    - Edit a Resource Profile
    - Delete Resource Profile
  - Multi Tenancy—Tenants
    - About the Tenants Page
    - Add a Tenant
    - Edit a Tenant
    - Delete Tenant
    - Search Text in Tenants Table
- Reports
  - Reports
    - About Reports Page
- Administration
  - Devices
  - License Management
    - Manage Your Licenses
  - Certificate Management
  - Network Monitoring
    - Monitor Chassis Alarm
    - Monitor System Alarm
  - RPM
    - Setup RPM
    - View RPM
  - Tools
  - Sky ATP Enrollment
    - Enroll Your Device with Juniper Sky ATP

Manage Certificate Authority Group

About Certificate Authority Group Page

You are here: Administration > Certificate Management > Trusted Certificate Authority.

Multiple CA profiles can be grouped in one trusted CA group for a given topology. The ca-group can be used either in SSL or IPSec.

SSL forward proxy ensures secure transmission of data between a client and a server. Before establishing a secure connection, SSL forward proxy checks certificate authority (CA) certificates to verify signatures on server certificates. For this reason, a reasonable list of trusted CA certificates is required to effectively authenticate servers.

Table 324 provides the details of the fields of the Certificate Authority Group Page.

Table 324: Fields on Certificate Authority Group Page

Field	Description
Group Name	Displays a Name for the CA profile group.
CA Profiles	Displays the name of CA profiles.
Used For	Displays whether the CA profile group is used for IPsec VPN or for SSL proxy.

You can perform the following tasks:

Import a CA group to manually load the CA group. See Import Trusted CA Group.
Add a CA group. See Add a CA Group.
Note You can group up to maximum of 20 CA profiles in a single trusted CA group. A minimum of one CA profile is a must to create a trusted CA group.
Edit a CA group. See Edit a CA Group.
Delete a CA group. See Delete CA Group.
Search for text in a CA group table. See Search Text in Certificate Authority Group Table.
Filter the CA group information based on select criteria. To do this, select the filter icon at the top right-hand corner of the table. The columns in the grid change to accept filter options. Type the filter options; the table displays only the data that fits the filtering criteria.
Show or hide columns in the CA group table. To do this, use the Show Hide Columns icon in the top right corner of the page and select the options you want to show or deselect to hide options on the page.

Import Trusted CA Group

Procedure

To import a trusted CA group:

Select Administration > Certificate Management > Certificate Authority Group.
Click Import.
The Import Trusted CA Group page appears.
Complete the configuration according to the guidelines provided in Table 325.
Click OK to import the CA group.
You are taken to the Certificate Authority Group page. If the CA group content that you imported is validated successfully, a confirmation message is displayed; if not, an error message is displayed.
After importing a CA profile group, you can use it when you create a SSL proxy.

Table 325: Fields on the Import Trusted CA Group Page

Field	Action
CA Group Name	Enter the name of a CA group.
File path for CA Group	Click Browse to navigate to the path from where you want to import the CA group. Note: Only .pem format is supported.

Field

Action

CA Group Name

Enter the name of a CA group.

File path for CA Group

Click Browse to navigate to the path from where you want to import the CA group.

Note: Only .pem format is supported.

Add a CA Group

Procedure

To add a CA group:

Select Administration > Certificate Management > Certificate Authority Group.
Click the add icon (+).
The Add CA Group page appears.
Complete the configuration according to the guidelines provided in Table 326.
Click OK to save the changes. If you want to discard your changes, click Cancel instead.
If you click OK, a new CA group with the provided configuration is created.
After added a CA group, you can use it for IPSec VPN.

Table 326: Fields on the Add CA Group Page

Field	Action
CA Group Name	Enter an unique CA group name.
CA Profiles	Select a CA profile name from the list in the Available column and then click the right arrow to move it to the Selected column. Note: You can add up to maximum of 20 CA profiles per trusted CA group.

Field

Action

CA Group Name

Enter an unique CA group name.

CA Profiles

Select a CA profile name from the list in the Available column and then click the right arrow to move it to the Selected column.

Note: You can add up to maximum of 20 CA profiles per trusted CA group.

Edit a CA Group

Procedure

To edit a CA group:

Select Administration > Certificate Management > Certificate Authority Group.
Select a CA group.
On the upper right side of the Certificate Authority Group page, click the pencil icon.
See Table 326 for the options available for editing on the Edit CA Group page.
Click OK

Delete CA Group

Procedure

To delete a CA group:

Select Administration > Certificate Management > Certificate Authority Group.
Select a CA group.
On the upper right side of the Certificate Authority Group page, click the delete icon to delete.
A confirmation window appears.
Click Yes to delete.

Search Text in Certificate Authority Group Table

You can use the search icon in the top right corner of a page to search for text containing letters and special characters on that page.

Procedure

To search for text:

Enter partial text or full text of the keyword in the search bar and click the search icon.
The search results are displayed.
Click X next to a search keyword or click Clear All to clear the search results.

Help us to improve. Rate this article.

Feedback Received. Thank You!

Manage Trusted Certificate Authority

Monitor Chassis Alarm