[Contents] [Prev] [Next] [Index] [Report an Error]

Configuring Outbound SSH Service

You can configure a router running the JUNOS software to initiate a TCP/IP connection with a client management application that would be blocked if the client attempted to initiate the connection (for example, if the router is behind a firewall). A single outbound-ssh configuration statement instructs the router to create a TCP/IP connection with the client management application and to forward the router’s identity. Once the connection is established, the management application initiates the SSH sequence as the client and the router as the server that authenticates the client.

Note: There is no initiation command with outbound SSH. Once outbound SSH is configured and committed, the router begins to initiate an outbound SSH connection based on the committed configuration. It continues to attempt to create this connection until successful. If the connection between the router and the client management application is broken, the router again attempts to create a new outbound SSH connection until successful. This connection is maintained until the outbound SSH stanza is removed from the configuration.

To configure the router running JUNOS software for outbound SSH connections, include the outbound-ssh statement at the [edit system services] hierarchy level:

[edit system services]
outbound-ssh {
client client-id {
address {
port port-number;
retry number;
timeout seconds;
}
device-id device-id;
keep-alive {
retry number;
timeout seconds;
}
reconnect-strategy (in-order | sticky);
secret password;
services netconf;
}
traceoptions {
file filename <files number> <match regex> <size size> <world-readable | no-world-readable>;
flag flag;
no-remote-trace;
}
}
[Contents] [Prev] [Next] [Index] [Report an Error]

Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice.