[Contents] [Prev] [Next] [Index] [Report an Error]

Prerequisites for Clear-Text Connections

A client application that uses the JUNOScript-specific clear-text protocol sends unencrypted text directly over a TCP connection without using any additional protocol (such as SSH, SSL, or Telnet).

Routers running the JUNOS-FIPS software do not accept JUNOScript clear-text connections. We recommend that you do not use the clear-text protocol in a Common Criteria environment. For more information, see the Secure Configuration Guide for Common Criteria and JUNOS-FIPS.

To enable client applications to use the clear-text protocol to connect to the JUNOScript server, perform the following steps:

Verify that the application can access the TCP software. On most operating systems, TCP is accessible in the standard distribution.
Satisfy the prerequisites discussed in Prerequisites for All Access Protocols.
Configure the JUNOScript server to accept clear-text connections from JUNOScript client applications on port 3221 by including the xnm-clear-text statement at the [edit system services] hierarchy level:[edit] user@host# set system services xnm-clear-text
By default, the JUNOScript server supports up to 75 simultaneous clear-text sessions and 150 connection attempts per minute. Optionally, you can include either or both the connection-limit statement to limit the number of concurrent sessions and the rate-limit statement to limit connection attempts. Both statements accept a value from 1 through 250.
[edit] user@host# set system services xnm-clear-text connection-limit limit user@host# set system services xnm-clear-text rate-limit limit
For more information about the xnm-clear-text statement, see the JUNOS System Basics Configuration Guide.
Commit the configuration:[edit] user@host# commit
Repeat Step item on each computer where the application runs, and Step item through Step item on each routing platform to which the application connects.

[Contents] [Prev] [Next] [Index] [Report an Error]