
Junos 10.3 System Basics Configuration Guide
Copyright and Trademark Information
Table of Contents
List of Figures
List of Tables
About This Guide
Overview
Introduction to Junos OS
Junos OS Overview
Junos OS Architecture Overview
Router Hardware Components
Junos OS Commit Model for Router Configuration
Junos OS Routing Engine Components and Processes
Junos OS Support for IPv4 Routing Protocols
Junos OS Support for IPv6 Routing Protocols
Junos OS Routing and Forwarding Tables
Routing Policy Overview
Junos OS Support for VPNs
Junos Configuration Basics
Junos OS Configuration Basics
Junos OS Configuration from External Devices
Methods for Configuring the Junos OS
Configuring a Router for the First Time
Initial Router Configuration Using the Junos OS
Configuring the Junos OS the First Time on a Router with a
Single Routing Engine
Configuring the Junos OS the First Time on a Router with Dual
Routing Engines
Junos OS Default Settings for Router Security
Junos OS Configuration Using the CLI
Activation of the Junos OS Candidate Configuration
Disk Space Management for Junos OS Installation
Junos OS Tools for Monitoring the Router
Junos OS Features for Router Security
System Management
System Management Overview
Format for Specifying IP Addresses, Network Masks, and Prefixes
in Junos Configuration Statements
Format for Specifying Filenames and URLs in Junos OS CLI Commands
Default Directories for Junos OS File Storage on the Router
Junos OS Tracing and Logging Operations
Junos OS Authentication Methods for Routing Protocols
Junos OS User Authentication Methods
System Management Configuration Statements
Configuring Basic System Management
Configuring Basic Router or Switch Properties
Configuring the Hostname of the Router or Switch
Mapping the Name of the Router to IP Addresses
Configuring an ISO System Identifier for the Router
Example: Configuring the Name of the Router, IP Address, and
System ID
Configuring the Domain Name for the Router or Switch
Example: Configuring the Domain Name for the Router or Switch
Configuring the Domains to Search When a Router or Switch Is
Included in Multiple Domains
Configuring a DNS Name Server for Resolving a Hostname into
Addresses
Configuring a Backup Router
Configuring Automatic Mirroring of the CompactFlash Card on
the Hard Disk Drive
Configuring the Physical Location of the Router or Switch
Configuring the Root Password
Example: Configuring the Root Password
Example: Configuring a Plain-Text Password for Root Logins
Example: Configuring SSH Authentication for Root Logins
Special Requirements for Junos OS Plain-Text Passwords
Changing the Requirements for Junos OS Plain-Text Passwords
Example: Changing the Requirements for Junos OS Plain-Text
Passwords
Configuring Multiple Routing Engines to Synchronize Committed
Configurations Automatically
Compressing the Current Configuration File
Configuring User Access
Junos OS Login Classes Overview
Defining Junos OS Login Classes
Junos OS User Accounts Overview
Configuring Junos OS User Accounts
Example: Configuring User Accounts
Limiting the Number of User Login Attempts for SSH and Telnet
Sessions
Example: Limiting the Number of Login Attempts for SSH and
Telnet Sessions
Configuring Time-Based User Access
Examples: Configuring Time-Based User Access
Junos-FIPS Crypto Officer and User Accounts Overview
Junos OS Access Privilege Levels Overview
Configuring Access Privilege Levels
Example: Configuring Access Privilege Levels
Specifying Access Privileges for Junos OS Operational Mode
Commands
Regular Expressions for Allowing and Denying Junos OS Operational
Mode Commands
Example: Configuring Access Privileges for Operational Mode
Commands
Specifying Access Privileges for Junos OS Configuration Mode
Hierarchies
Regular Expressions for Allowing and Denying Junos OS Configuration
Mode Hierarchies
Example: Defining Access Privileges for Configuration Mode
Hierarchies
Configuring the Timeout Value for Idle Login Sessions
Configuring CLI Tips
Configuring System Authentication
Configuring RADIUS Authentication
Juniper Networks Vendor-Specific RADIUS Attributes
Configuring TACACS+ Authentication
Juniper Networks Vendor-Specific TACACS+ Attributes
Overview of Template Accounts for RADIUS and TACACS+ Authentication
Configuring Remote Template Accounts for User Authentication
Configuring Local User Template Accounts for User Authentication
Using Regular Expressions on a TACACS+ or RADIUS Server to
Allow or Deny Access to Commands
Junos OS Authentication Order for RADIUS, TACACS+, and Password
Authentication
Configuring the Junos OS Authentication Order for RADIUS, TACACS+,
and Local Password Authentication
Example: Configuring System Authentication for RADIUS, TACACS+,
and Password Authentication
Recovering the Root Password
Configuring Time
Modifying the Default Time Zone for a Router or Switch Running
Junos OS
NTP Overview
Synchronizing and Coordinating Time Distribution Using NTP
NTP Time Server and Time Services Overview
Configuring the NTP Time Server and Time Services
Configuring NTP Authentication Keys
Configuring the Router or Switch to Listen for Broadcast Messages
Using NTP
Configuring the Router or Switch to Listen for Multicast Messages
Using NTP
Setting a Custom Time Zone on Routers or Switches Running Junos
OS
Configuring System Log Messages
Junos OS System Log Configuration Overview
Junos OS System Log Configuration Statements
Junos OS Minimum and Default System Logging Configuration
Single-Chassis System Logging Configuration
Single-Chassis System Logging Configuration Overview
Specifying the Facility and Severity of Messages to Include
in the Log
Junos System Logging Facilities and Message Severity Levels
Directing System Log Messages to a Log File
Logging Messages in Structured-Data Format
Directing System Log Messages to a User Terminal
Directing System Log Messages to the Console
System Logging on a Remote Machine or the Other Routing Engine
Directing System Log Messages to a Remote Machine or the Other
Routing Engine
Specifying an Alternative Source Address for System Log Messages
Changing the Alternative Facility Name for Remote System Log
Messages
System Log Default Facilities for Messages Directed to a Remote
Destination
Junos System Log Alternate Facilities for Remote Logging
Examples: Assigning an Alternative Facility
Adding a Text String to System Log Messages
Specifying Log File Size, Number, and Archiving Properties
Including Priority Information in System Log Messages
System Log Facility Codes and Numerical Codes Reported in Priority
Information
Including the Year or Millisecond in Timestamps
Using Regular Expressions to Refine the Set of Logged Messages
Junos System Log Regular Expression Operators for the match
Statement
Disabling the System Logging of a Facility
Examples: Configuring System Logging
System Logging Configuration for a TX Matrix Router
Configuring System Logging for a TX Matrix Router
Configuring Message Forwarding to the TX Matrix Router
Impact of Different Local and Forwarded Severity Levels on
System Log Messages on a TX Matrix Router
Configuring Optional Features for Forwarded Messages on a TX
Matrix Router
Directing Messages to a Remote Destination from the Routing
Matrix Based on the TX Matrix Router
Configuring System Logging Differently on Each T640 Router
in a Routing Matrix
System Logging Configuration for a TX Matrix Plus Router
Configuring System Logging for a TX Matrix Plus Router
Configuring Message Forwarding to the TX Matrix Plus Router
Impact of Different Local and Forwarded Severity Levels on
System Log Messages on a TX Matrix Plus Router
Configuring Optional Features for Forwarded Messages on a TX
Matrix Plus Router
Directing Messages to a Remote Destination from the Routing
Matrix Based on a TX Matrix Plus Router
Configuring System Logging Differently on Each T1600 Router
in a Routing Matrix
Configuring System Services
System Services Overview
Configuring clear-text or SSL Service for Junos XML protocol
Client Applications
Configuring the Router, Switch, or Interface to Act as a DHCP
Server on J Series Services Routers and EX Series Ethernet Switches
DHCP Access Service Overview
DHCP Statement Hierarchy and Inheritance
Configuring Address Pools for DHCP Dynamic Bindings
Configuring Manual (Static) DHCP Bindings Between a Fixed IP
Address and a Client MAC Address
Specifying DHCP Lease Times for IP Address Assignments
Configuring a DHCP Boot File and DHCP Boot Server
Configuring the Next DHCP Server to Contact After a Boot Client
Establishes Initial Communication
Configuring a Static IP Address as DHCP Server Identifier
Configuring a Domain Name and Domain Search List for a DHCP
Server Host
Configuring Routers Available to the DHCP Client
Creating User-Defined DHCP Options Not Included in the Default
Junos Implementation of the DHCP Server
Example: Complete DHCP Server Configuration
Example: Viewing DHCP Bindings
Example: Viewing DHCP Address Pools
Example: Viewing and Clearing DHCP Conflicts
Configuring Tracing Operations for DHCP Processes
DHCP Processes Tracing Flags
Configuring the Router as an Extended DHCP Local Server
Interaction Among the DHCP Client, Extended DHCP Local Server,
and Address-Assignment Pools
Extended DHCP Local Server and Address-Assignment Pools
Methods Used by the Extended DHCP Local Server to Determine
Which Address-Assignment Pool to Use
Default Options Provided by the Extended DHCP Server for the
DHCP Client
Using External AAA Authentication Services to Authenticate
DHCP Clients
Configuring Authentication Support for an Extended DHCP Application
Grouping Interfaces with Common DHCP Configurations
Configuring Passwords for Usernames the DHCP Application Presents
to the External AAA Authentication Service
Creating Unique Usernames the Extended DHCP Application Passes
to the External AAA Authentication Service
Client Configuration Information Exchanged Between the External
Authentication Server, DHCP Application, and DHCP Client
Tracing Extended DHCP Local Server Operations
Example: Configuring the Minimum Extended DHCP Local Server
Configuration
Example: Extended DHCP Local Server Configuration with Optional
Pool Matching
Verifying and Managing the DHCP Server Configuration
Configuring DTCP-over-SSH Service for the Flow-Tap Application
Configuring Finger Service for Remote Access to the Router
Configuring FTP Service for Remote Access to the Router or
Switch
Configuring SSH Service for Remote Access to the Router or
Switch
Configuring Outbound SSH Service
Configuring the Device Identifier for Outbound SSH Connections
Sending the Public SSH Host Key to the Outbound SSH Client
Configuring Keepalive Messages for Outbound SSH Connections
Configuring a New Outbound SSH Connection
Configuring the Outbound SSH Client to Accept NETCONF as an
Available Service
Configuring Outbound SSH Clients
Configuring NETCONF-Over-SSH Connections on a Specified TCP
Port
Configuring Telnet Service for Remote Access to a Router
Configuring Miscellaneous System Management Features
Configuring the Junos OS to Set Console and Auxiliary Port
Properties
Configuring the Junos OS to Disable Protocol Redirect Messages
on the Router or Switch
Configuring the Junos OS to Select a Fixed Source Address for
Locally Generated TCP/IP Packets
Configuring the Junos OS to Make the Router or Interface Act
as a DHCP or BOOTP Relay Agent
Configuring the Junos OS to Disable the Routing Engine Response
to Multicast Ping Packets
Configuring the Junos OS to Disable the Reporting of IP Address
and Timestamps in Ping Responses
Configuring Password Authentication for Console Access to PICs
Configuring the Junos OS to Display a System Login Message
Configuring the Junos OS to Display a System Login Announcement
Disabling Junos OS Processes
Configuring Failover to Backup Media if a Junos OS Process
Fails
Configuring Password Authentication for the Diagnostics Port
Viewing Core Files from Junos OS Processes
Saving Core Files from Junos OS Processes
Using Junos OS to Configure Logical System Administrators
Using Junos OS to Configure a Router or Switch to Transfer
Its Configuration to an Archive Site
Configuring the Router or Switch to Transfer Its Currently
Active Configuration to an Archive
Configuring the Transfer Interval for Periodic Transfer of
the Active Configuration to an Archive Site
Configuring Transfer of the Current Active Configuration When
a Configuration Is Committed
Configuring Archive Sites for Transfer of Active Configuration
Files
Using Junos OS to Specify the Number of Configurations Stored
on the CompactFlash Card
Configuring RADIUS System Accounting
Example: Configuring RADIUS System Accounting
Configuring TACACS+ System Accounting
Configuring TACACS+ Accounting on a TX Matrix Router
Configuring the Junos OS to Work with SRC Software
Configuring the Junos OS ICMPv4 Rate Limit for ICMPv4 Routing
Engine Messages
Configuring the Junos OS ICMPv6 Rate Limit for ICMPv6 Routing
Engine Messages
Configuring the Junos OS for IP-IP Path MTU Discovery on IP-IP
Tunnel Connections
Configuring TCP MSS for Session Negotiation
Configuring the Junos OS for IPv6 Path MTU Discovery
Configuring the Junos OS for IPv6 Duplicate Address Detection
Attempts
Configuring the Junos OS for Acceptance of IPv6 Packets with
a Zero Hop Limit
Configuring the Junos OS for Path MTU Discovery on Outgoing
GRE Tunnel Connections
Configuring the Junos OS for Path MTU Discovery on Outgoing
TCP Connections
Configuring the Junos OS to Ignore ICMP Source Quench Messages
Configuring the Junos OS to Enable the Router or Switch to
Drop Packets with the SYN and FIN Bits Set
Configuring the Junos OS to Disable TCP RFC 1323 Extensions
Configuring the Junos OS to Disable the TCP RFC 1323 PAWS Extension
Configuring the Junos OS to Extend the Default Port Address
Range
Configuring the Junos OS ARP Learning and Aging Options for
Mapping IPv4 Network Addresses to MAC Addresses
Disabling MAC Address Learning of Neighbors Through ARP or
Neighbor Discovery for IPv4 and IPv6 Traffic for Logical Interfaces
Using Junos OS to Configure System Alarms to Appear Automatically
on J Series Routers and EX Series Ethernet Switches
System Alarms on J Series Routers
Security Configuration Example
Example: Configuring a Router Name and Domain Name
Example: Configuring RADIUS Authentication
Example: Creating Login Classes
Example: Defining User Login Accounts
Example: Defining RADIUS Template Accounts
Example: Enabling SSH Connection Services
Example: Configuring System Logging
Example: Configuring NTP as a Single Time Source for Router
Clock Synchronization
Example: Configuring ATM, SONET, Loopback, and Out-of-Band
Management Interfaces
Example: Configuring SNMPv3
Examples: Configuring Protocol-Independent Routing Properties
Example: Configuring the BGP and IS-IS Routing Protocols
Configuring Firewall Policies and Filters
Example: Consolidated Security Configuration
Summary of System Management Configuration Statements
accounting
access-end
access-start
accounting-port
allow-commands
allow-configuration
allowed-days
announcement
archival
archive (All System Log Files)
archive (Individual System Log File)
archive-sites (Configuration File)
arp
authentication (DHCP Local Server)
authentication (Login)
authentication-key
authentication-order
autoinstallation
auxiliary
backup-router
boot-file
boot-server (DHCP)
boot-server (NTP)
broadcast
broadcast-client
change-type
circuit-type
class (Assigning a Class to an Individual User)
class (Defining Login Classes)
client-identifier
commit synchronize
compress-configuration-files
configuration
configuration-servers
connection-limit
console (Physical Port)
console (System Logging)
default-address-selection
default-lease-time
delimiter (DHCP Local Server)
deny-commands
deny-configuration
destination
destination-override
dhcp
dhcpv6
dhcp-local-server
diag-port-authentication
domain-name (DHCP)
domain-name
domain-name (DHCP Local Server)
domain-search
dump-device
events
explicit-priority
facility-override
file (System Logging)
files
finger
flow-tap-dtcp
format
ftp
full-name
gre-path-mtu-discovery
group (DHCP Local Server)
host
host-name
http
https
icmpv4-rate-limit
icmpv6-rate-limit
idle-timeout
inet6-backup-router
interface (ARP Aging Timer)
interface (DHCP Local Server)
interfaces
internet-options
ip-address-first
ipip-path-mtu-discovery
ipv6-duplicate-addr-detection-transmits
ipv6-path-mtu-discovery
ipv6-path-mtu-discovery-timeout
ipv6-reject-zero-hop-limit
load-key-file
local-certificate
location
log-prefix
logical-system-name (DHCP Local Server)
login
login-alarms
login-tip
mac-address (DHCP Local Server)
match
max-configurations-on-flash
maximum-lease-time
maximum-length
message
minimum-changes
minimum-length
mirror-flash-on-disk
multicast-client
name-server
next-server
no-compress-configuration-files
no-gre-path-mtu-discovery
no-ipip-path-mtu-discovery
no-ipv6-reject-zero-hop-limit
no-multicast-echo
no-path-mtu-discovery
no-ping-record-route
no-ping-time-stamp
no-redirects
no-remote-trace
no-saved-core-context
no-source-quench
no-tcp-rfc1323
no-tcp-rfc1323-paws
ntp
option-60 (DHCP Local Server)
option-82 (DHCP Local Server Authentication)
option-82 (DHCP Local Server Pool Matching)
outbound-ssh
password (DHCP Local Server)
password (Login)
path-mtu-discovery
peer
permissions
pic-console-authentication
pool
pool-match-order
port (HTTP/HTTPS)
port (NETCONF Server)
port (RADIUS Server)
port (SRC Server)
port (TACACS+ Server)
ports
processes
protocol-version
radius
radius-options
radius-server
rate-limit
retry
retry-options
root-authentication
root-login
router
routing-instance-name (DHCP Local Server)
saved-core-context
saved-core-files
secret
server (NTP)
server (RADIUS Accounting)
server (TACACS+ Accounting)
server-identifier
servers
service-deployment
services
session
single-connection
size
source-address (NTP, RADIUS, System Logging, or TACACS+)
source-address (SRC Software)
source-port
source-quench
ssh
static-binding
static-host-mapping
structured-data
syslog
system
tacplus
tacplus-options
tacplus-server
tcp-drop-synfin-set
tcp-mss
telnet
time-format
timeout
time-zone
traceoptions (Address-Assignment Pool)
traceoptions (DHCP Local Server)
traceoptions (DHCP Server)
traceoptions (SBC Configuration Process)
tracing
transfer-interval (Configuration)
transfer-on-commit
trusted-key
uid
use-imported-time-zones
user (Access)
user (System Logging)
username-include (DHCP Local Server)
user-prefix (DHCP Local Server)
web-management
wins-server
world-readable
xnm-clear-text
xnm-ssl
Access
Configuring Access
Access Configuration Statements
Configuring the PPP Authentication Protocol
Example: Configuring PPP CHAP
Example: Configuring CHAP Authentication with RADIUS
Configuring L2TP for Enabling PPP Tunneling Within a Network
Defining the Minimum L2TP Configuration
Configuring the Address Pool for L2TP Network Server IP Address
Allocation
Configuring the Group Profile for Defining L2TP Attributes
Example: Group Profile Configuration
Configuring Access Profiles for L2TP or PPP Parameters
Configuring the L2TP Client
Example: Defining the Default Tunnel Client
Example: Defining the User Group Profile
Configuring the CHAP Secret for an L2TP Profile
Example: Configuring L2TP PPP CHAP
Referencing the Group Profile from the L2TP Profile
Configuring L2TP Properties for a Client-Specific Profile
Example: PPP MP for L2TP
Example: L2TP Multilink PPP Support on Shared Interfaces
Configuring the PAP Password for an L2TP Profile
Example: Configuring PAP for an L2TP Profile
Configuring PPP Properties for a Client-Specific Profile
Applying a Configured PPP Group Profile to a Tunnel
Example: Applying a User Group Profile on the M7i or M10i Router
Example: Configuring the Access Profile
Example: Configuring L2TP
Configuring RADIUS Authentication for L2TP
RADIUS Attributes for L2TP
Example: Configuring RADIUS Authentication for L2TP
Configuring the RADIUS Disconnect Server for L2TP
Configuring RADIUS Authentication for an L2TP Client and Profile
Example: Configuring RADIUS Authentication for an L2TP Profile
Configuring an IKE Access Profile
Subscriber Access Management
Subscriber Access Management Overview
AAA Service Framework Overview
RADIUS Authentication and Accounting for Subscriber Access
Management Overview
Configuring Router or Switch Interaction with RADIUS Servers
Configuring Authentication and Accounting Parameters for Subscriber
Access
Specifying the Authentication and Accounting Methods for Subscriber
Access
Configuring How Accounting Statistics Are Collected for Subscriber
Access
Configuring RADIUS Server Parameters for Subscriber Access
Specifying RADIUS Authentication and Accounting Servers for
Subscriber Access
Configuring RADIUS Server Options for Subscriber Access
Configuring How RADIUS Attributes Are Used for Subscriber Access
Example: Configuring RADIUS-Based Subscriber Authentication
and Accounting
RADIUS IETF Attributes Supported by the AAA Service Framework
Juniper Networks VSAs Supported by the AAA Service Framework
Attaching Access Profiles
Verifying and Managing Subscriber AAA Information
Address-Assignment Pools Overview
Address-Assignment Pools Licensing Requirements
Configuring Address-Assignment Pools
Configuring an Address-Assignment Pool Name and Addresses
Configuring a Named Address Range for Dynamic Address Assignment
Configuring Static Address Assignment
Configuring DHCP Client-Specific Attributes
DHCP Attributes for Address-Assignment Pools
Tracing Address-Assignment Pool Processes
Example: Configuring an Address-Assignment Pool
Summary of Access Configuration Statements
accounting (Access Profile)
accounting-order
accounting-port
accounting-server
accounting-session-id-format
accounting-stop-on-access-deny
accounting-stop-on-failure
address
address-assignment (Address-Assignment Pools)
address-pool
address-range
allowed-proxy-pair
attributes
authentication-order
authentication-server
boot-file
boot-server
cell-overhead
chap-secret
circuit-id (Address-Assignment Pools)
circuit-type (DHCP Local Server)
client
client-authentication-algorithm
dhcp-attributes (Address-Assignment Pools)
domain-name (Address-Assignment Pools)
drop-timeout
encapsulation-overhead
ethernet-port-type-virtual
exclude
fragmentation-threshold
framed-ip-address
framed-pool
grace-period
group-profile (Associating with Client)
group-profile (Group Profile)
hardware-address
host (Address-Assignment Pools)
idle-timeout
ignore
ike
ike-policy
immediate-update
initiate-dead-peer-detection
interface-description-format
interface-id
ip-address
keepalive
l2tp (Group Profile)
l2tp (Profile)
lcp-renegotiation
local-chap
maximum-lease-time
maximum-sessions-per-tunnel
multilink
name-server
nas-identifier
nas-port-extended-format
netbios-node-type
network
option
option-82 (Address-Assignment Pools)
option-match
options
order
pap-password
pool (Address-Assignment Pools)
port
ppp (Group Profile)
ppp (Profile)
ppp-authentication
ppp-profile
pre-shared-key
primary-dns
primary-wins
profile
radius (Access Profile)
radius-disconnect
radius-disconnect-port
radius-server
range (Address-Assignment Pools)
remote-id
retry
revert-interval
router (Address-Assignment Pools)
routing-instance
secondary-dns
secondary-wins
secret
shared-secret
source-address
statistics
tftp-server
timeout (RADIUS)
update-interval
user-group-profile
vlan-nas-port-stacked-format
wins-server
Security Services
Security Services Overview
Security Services Configuration Guidelines
Security Services Configuration Statements
Configuring IPsec for an ES PIC
IPsec Configuration for an ES PIC Overview
Configuring Minimum Manual Security Associations for IPsec
on an ES PIC
Configuring Minimum IKE Requirements for IPsec on an ES PIC
Configuring Minimum Digital Certificate Requirements for IKE
on an ES PIC
Configuring Security Associations for IPsec on an ES PIC
Configuring an IKE Proposal for Dynamic SAs
Configuring the Authentication Algorithm for an IKE Proposal
Configuring the Authentication Method for an IKE Proposal
Configuring the Description for an IKE Proposal
Configuring the Diffie-Hellman Group for an IKE Proposal
Configuring the Encryption Algorithm for an IKE Proposal
Configuring the Lifetime for an IKE SA
Example: Configuring an IKE Proposal
Configuring an IKE Policy for Preshared Keys
Example: Configuring an IKE Policy
Configuring an IPsec Proposal for an ES PIC
Configuring the IPsec Policy for an ES PIC
Example: Configuring an IPsec Policy
Using Digital Certificates for ES and AS PICs
Digital Certificates Overview
Configuration Statements for Configuring Digital Certificates
for an ES PIC
Obtaining a Certificate from a Certificate Authority for an
ES PIC
Requesting a CA Digital Certificate for an ES PIC on an M Series
or T Series Router
Example: Requesting a CA Digital Certificate
Generating a Private and Public Key Pair for Digital Certificates
for an ES PIC
Configuring Digital Certificates for an ES PIC
Configuring an IKE Policy for Digital Certificates for an ES
PIC
Obtaining a Signed Certificate from the CA for an ES PIC
Associating the Configured Security Association with a Logical
Interface
Configuring Digital Certificates for Adaptive Services Interfaces
Configuring IPsec Tunnel Traffic
ES Tunnel Interface Configuration for a Layer 3 VPN
Configuring Tracing Operations for Security Services
Configuring Tracing Operations for IPsec Events for Adaptive
Services PICs
Configuring the Authentication Key Update Mechanism for BGP
and LDP Routing Protocols
Configuring SSH Host Keys for Secure Copying of Data
Importing SSL Certificates for Junos XML Protocol Support
Configuring Internal IPsec for Junos-FIPS
Example: Configuring Internal IPsec
Summary of Security Services Configuration Statements
algorithm
authentication
authentication-algorithm (IKE)
authentication-algorithm (IPsec)
authentication-key-chains
authentication-method
auto-re-enrollment
auxiliary-spi
ca-identity
ca-name
ca-profile
cache-size
cache-timeout-negative
certificate-id
certificates
certification-authority
challenge-password
crl (Encryption Interface)
crl (Adaptive Services Interface)
description
dh-group
direction (Junos OS)
direction (Junos-FIPS Software)
dynamic
encoding
encryption (Junos OS)
encryption (Junos-FIPS Software)
encryption-algorithm
enrollment
enrollment-retry
enrollment-url
file
identity
ike
internal
ipsec
key
ldap-url
lifetime-seconds
local
local-certificate
local-key-pair
manual (Junos OS)
manual (Junos-FIPS Software)
maximum-certificates
mode (IKE)
mode (IPsec)
path-length
perfect-forward-secrecy
pki
policy (IKE)
policy (IPsec)
pre-shared-key
proposal (IKE)
proposal (IPsec)
proposals
protocol (Junos OS)
protocol (Junos-FIPS Software)
re-enroll-trigger-time
re-generate-keypair
refresh-interval
retry
retry-interval
revocation-check
security-association (Junos OS)
security-association (Junos-FIPS Software)
spi (Junos OS)
spi (Junos-FIPS Software)
ssh-known-hosts
traceoptions
url
validity-period
Router Chassis
Router Chassis Configuration Guidelines
Router Chassis Configuration Statements
Configuring the Junos OS to Make a Flexible PIC Concentrator
Stay Offline
Configuring the Junos OS to Make an SFM Stay Offline
Configuring the Junos OS to Resynchronize FPC Sequence Numbers
with Active FPCs when an FPC Comes Online
Configuring the Junos OS for Supporting Aggregated Devices
Configuring the Junos OS to Use ATM Cell-Relay Accumulation
Mode on an ATM1 PIC
Configuring Port-Mirroring Instances
Configuring PIC-Level Symmetrical Hashing for Load Balancing
on 802.3ad LAGs for MX Series Routers
Examples: Configuring PIC-Level Symmetrical Hashing for Load
Balancing on 802.3ad LAGs on MX Series Routers
Configuring ECMP Next Hops for RSVP and LDP LSPs for Load Balancing
16-Port 10-Gigabit Ethernet MPC on MX Series Routers (16x10GE
3D MPC) Overview
Configuring the Number of Active Ports on a 16-Port 10-Gigabit
Ethernet MPC on MX Series Routers
Configuring Tunnel Interfaces on an MX Series Router with a
16x10GE 3D MPC
Configuring the Power-On Sequence for DPCs on MX Series Routers
with the Enhanced AC PEM
Configuring the Junos OS to Determine the Conditions That Trigger
Alarms
Configuring the Junos OS to Determine Conditions That Trigger
Alarms on Different Interface Types
System-Wide Alarms and Alarms for Each Interface Type
Chassis Conditions That Trigger Alarms
Chassis Component Alarm Conditions on M5 and M10 Routers
Chassis Component Alarm Conditions on M7i and M10i Routers
Chassis Component Alarm Conditions on M20 Routers
Chassis Component Alarm Conditions on M40 Routers
Chassis Component Alarm Conditions on M40e and M160 Routers
Chassis Component Alarm Conditions on M120 Routers
Chassis Component Alarm Conditions on M320 Routers
Chassis Component Alarm Conditions on MX Series Ethernet Services
Routers
Chassis Component Alarm Conditions on TX Matrix and TX Matrix
Plus Routers
Backup Routing Engine Alarms
Silencing External Devices Connected to the Alarm Relay Contacts
Configuring the Junos OS to Disable the Physical Operation
of the Craft Interface
Configuring the Junos OS to Enable Service Packages on Adaptive
Services Interfaces
Configuring the Junos OS to Support Layer 2 Services on MX
Series Ethernet Services Routers with MS-DPCs
Configuring the Junos OS to Enable Session Offloading on MX
Series Ethernet Services Routers with MS-DPCs
Configuring the Junos OS to Enable SONET/SDH Framing for SONET/SDH
PICs
Configuring the Junos OS to Support an External Clock Synchronization
Interface for M Series and T Series Routers
Configuring the Junos OS to Support the Sparse DLCI Mode on
Channelized STM1 or Channelized DS3 PICs
Configuring the Junos OS to Enable a SONET PIC to Operate in
Channelized (Multiplexed) Mode
Configuring Channelized DS3-to-DS0 Naming
Configuring the Junos OS to Support Eight Queues on IQ Interfaces
for T Series and M320 Routers
Configuring Channel Groups and Time Slots for a Channelized
E1 Interface
Configuring the Junos OS to Support Channelized STM1 Interface
Virtual Tributary Mapping
Configuring the Junos OS to Enable ATM2 Intelligent Queuing
Layer 2 Circuit Transport Mode
Configuring the Junos OS to Support ILMI for Cell Relay Encapsulation
on an ATM2 IQ PIC
Configuring the Junos OS to Support Tunnel Interfaces on MX
Series Ethernet Services Routers
Example: Configuring Tunnel Interfaces on a Gigabit Ethernet
40-Port DPC
Example: Configuring Tunnel Interfaces on a 10-Gigabit Ethernet
4-Port DPC
Configuring the Junos OS to Enable an M160 Router to Operate
in Packet Scheduling Mode
Configuring the Junos OS to Allocate More Memory for Routing
Tables
Configuring the Link Services PIC for Multilink Protocol Support
Configuring the Junos OS to Enable Idle Cell Format and Payload
Patterns for ATM Devices
Configuring the Junos OS to Enable MTU Path Check for a Routing
Instance on M Series Routers
Configuring the Junos OS to Support Redundancy on Routers Having
Multiple Routing Engines or Switching Boards
Configuring the Junos OS to Support FPC to FEB Connectivity
on M120 Routers
Configuring the Junos OS to Enable a Routing Engine to Reboot
on Hard Disk Errors
Configuring the Junos OS to Prevent the Resetting of the Factory
Default or Rescue Configuration During Current Configuration Failure
on J Series Routers
Configuring Larger Delay Buffers to Prevent Congestion and
Packet Dropping
Configuring the Junos OS to Support Entry-Level Configuration
on an M320 Router with a Minimum Number of SIBs and PIMs
Configuring the uPIM to Run in Switching or Routing Mode on
J Series Routers
Configuring the IP and Ethernet Services Mode in MX Series
Routers
Configuring J Series Services Router Switching Interfaces
Example: Configuring J Series Services Router Switching Interfaces
TX Matrix Router and T640 Router Configuration Guidelines
TX Matrix Router and T640 Router Configuration Overview
TX Matrix Router and T640 Router-Based Routing Matrix Overview
Running Different Junos OS Releases on the TX Matrix Router
and T640 Routers
TX Matrix Router Software Upgrades and Reinstallation
TX Matrix Router Rebooting Process
Committing Configurations on the TX Matrix Router
TX Matrix and T640 Router Configuration Groups
Routing Matrix System Log Messages
Using the Junos OS to Configure a T640 Router Within a Routing
Matrix
TX Matrix Router Chassis and Interface Names
Configuring the Junos OS to Upgrade and Downgrade Switch Interface
Boards on a TX Matrix Router
Configuring the Junos OS to Enable the TX Matrix Router to
Generate an Alarm If a T640 Router Stays Offline
TX Matrix Plus Router and T1600 Router Configuration Guidelines
TX Matrix Plus Router and T1600 Router Configuration Overview
TX Matrix Plus Router and T1600 Router-Based Routing Matrix
Overview
Running Different Junos OS Releases on the TX Matrix Plus Router
and T1600 Routers
TX Matrix Plus Router Software Upgrades and Reinstallation
TX Matrix Plus Router Rebooting Process
TX Matrix Plus Router Routing Engine Rebooting Sequence
TX Matrix Plus Router Management Ethernet Interfaces
TX Matrix Plus Router Internal Ethernet Interfaces
Routing Matrix-Based T1600 Router Internal Ethernet Interfaces
Committing Configurations on the TX Matrix Plus Router
Routing Matrix Configuration Groups
Routing Matrix System Log Messages
Using the Junos OS to Configure a T1600 Router Within a Routing
Matrix
TX Matrix Plus Router Chassis and Interface Names
Configuring the Junos OS to Enable the TX Matrix Plus Router
to Generate an Alarm If a T1600 Router Stays Offline
Configuring the Junos OS to Upgrade the T1600 Router Chassis
to LCC0 of a TX Matrix Plus Routing Platform
Preparing the Configuration File and Upgrading the Junos OS
on the T1600 Router and SFC
Configuring the Junos OS for Upgrading SIBs on the T1600 Router
and Connecting It to the SFC
Upgrading CBs and Routing Engines of the T1600 Router for Control
Plane Connectivity
Changing the Management Ethernet Interface Name for the T1600
Router
Transferring Control of the T1600 Router (LCC0) to the SFC
Adding a New T1600 Router to the TX Matrix Plus Routing Platform
Downgrading a T1600 Router from the LCC of a TX Matrix Routing
Platform to a Standalone T1600 Router
Associating Sampling Instances for Active Flow Monitoring with
a Specific Packet Forwarding Engine
Summary of Router Chassis Configuration Statements
adaptive-services
aggregate-ports
aggregated-devices
alarm
atm-cell-relay-accumulation
atm-l2circuit-mode
bandwidth
ce1
channel-group
chassis
config-button
craft-lockout
ct3
device-count
disk-failure-action
e1
ethernet (Chassis)
family
fabric upgrade-mode
fpc (M320, T320, T640 Routers)
fpc (MX Series Ethernet Services Routers)
fpc (TX Matrix and TX Matrix Plus Routers)
fpc-feb-connectivity
fpc-resync
framing
fru-poweron-sequence
hash-key
idle-cell-format
inet
lacp
lcc
linerate-mode
link-protection
maximum-ecmp
max-queues-per-interface
mlfr-uni-nni-bundles
multiservice
network-services
no-concatenate
non-revertive
number-of-ports
offline
on-disk-failure
online-expected
packet-scheduling
payload
pem
pic (M Series and T Series Routers)
pic (TX Matrix and TX Matrix Plus Routers)
port
power
q-pic-large-buffer
red-buffer-occupancy
route-memory-enhanced
routing-engine
sfm
sampling-instance
service-package
session-offload
sib
sonet
sparse-dlcis
symmetric-hash
synchronization
system-priority
t1
traffic-manager
tunnel-services
vrf-mtu-check
vtmapping
Index
Symbols
A
- AAA Service Framework 1
- access privilege levels
- access profiles
- attaching 1
- access, router remotely 1
- access-end statement
- login class 1
- access-start statement
- login class 1
- accounting
- accounting methods 1
- accounting statement 1
- accounting statistics 1
- accounting-order statement 1
- usage guidelines 1
- accounting-port statement 1
- accounting-server statement 1
- accounting-session-id-format statement 1
- accounting-stop-on-access-deny statement 1
- accounting-stop-on-failure statement 1
- activating a configuration 1
- adaptive-services statement 1
- usage guidelines 1
- address statement 1
- usage guidelines 1
- address-assignment pools
- client attributes 1
- configuring 1
- DHCP attributes 1
- mapping option 82 1
- setting the grace period 1
- setting the maximum lease time 1
- setting the name server address 1
- specifying NetBIOS node type 1
- specifying router addresses 1
- specifying the boot file 1
- specifying the boot server 1
- specifying the DNS server IPv6 address 1
- specifying the domain name to search 1
- specifying the SIP server domain name 1
- specifying the SIP server IPv6 address 1
- specifying the source address 1, 2
- specifying the TFTP server 1
- specifying the WINS server 1
- specifying user-defined options 1
- DHCPv6 attributes 1
- license requirements 1
- name 1
- named range 1
- network address 1
- static address 1
- tracing operations 1
- address-assignment statement
- address-assignment pools 1
- address-pool statement 1
- usage guidelines 1
- address-range statement 1
- usage guidelines 1
- addresses
- aggregate-ports statement 1
- aggregated devices, configuring 1
- aggregated-devices statement 1
- usage guidelines 1
- aging timer
- ARP 1
- alarm conditions 1
- alarm cutoff button 1
- alarm statement 1
- usage guidelines 1
- alert (system logging severity level 1) 1
- algorithm statement 1, 2
- usage guidelines 1
- alias option for static-host-mapping statement 1
- alias statement 1
- allow-commands statement 1
- usage guidelines 1
- allow-configuration statement 1
- usage guidelines 1
- allowed-days statement
- login class 1
- allowed-proxy-pair statement 1
- usage guidelines 1
- allowing commands to login classes 1
- /altconfig directory 1
- alternative media 1
- /altroot directory 1
- announcement statement 1
- usage guidelines 1
- announcements
- system login 1
- any (system logging facility) 1
- any (system logging severity level) 1
- archival statement 1
- usage guidelines 1
- archive router configuration 1
- archive statement
- archive-sites statement
- ARP
- aging timer 1
- arp statement 1
- usage guidelines 1
- ASCII file, Junos OS, configuring using 1
- ATM 1
- ATM interfaces
- PIC alarm conditions 1
- atm-cell-relay-accumulation statement 1
- usage guidelines 1
- atm-l2circuit-mode statement 1
- ATM2 IQ interfaces
- Layer 2 circuit transport mode 1
- attributes statement 1
- authentication
- authentication key update mechanism 1
- authentication methods 1
- authentication statement 1
- authentication-algorithm statement
- authentication-key statement 1
- usage guidelines 1
- authentication-key-chains statement 1
- authentication-method statement
- authentication-order statement 1
- authentication-server statement 1
- authorization (system logging facility) 1
- option to facility-override statement 1
- auto-re-enrollment statement 1
- autoinstallation statement 1
- auxiliary port
- properties 1
- auxiliary statement 1
- usage guidelines 1
- auxiliary-spi statement 1
- usage guidelines 1
B
- backup router configuration 1
- backup routers 1, 2
- backup-router statement 1
- usage guidelines 1
- bandwidth statement 1
- usage guidelines 1
- BGP
- security configuration example 1
- boot server
- NTP 1
- boot-file statement 1, 2
- usage guidelines 1
- boot-server statement 1
- BOOTP relay agent 1
- braces, in configuration statements 1
- brackets
- brief statement
- broadcast
- broadcast messages, synchronizing NTP 1
- broadcast statement 1
- usage guidelines 1
- broadcast-client statement 1
- usage guidelines 1
- bucket-size statement
C
- ca-identity statement 1
- usage guidelines 1
- ca-name statement 1
- usage guidelines 1
- ca-profile statement 1
- usage guidelines 1
- cables
- cache-size statement 1
- usage guidelines 1
- cache-timeout-negative statement 1
- usage guidelines 1
- ce1 statement 1
- usage guidelines 1
- cell-overhead statement 1
- certificate-id statement 1
- certificates statement 1
- usage guidelines 1
- certification-authority statement 1
- usage guidelines 1
- cfeb statement 1, 2
- challenge-password statement 1
- change-log (system logging facility) 1
- change-type statement 1
- usage guidelines 1
- channel-group statement 1
- usage guidelines 1
- channelized DS3-to-DS0 naming 1
- channelized E1 naming 1
- channelized mode 1
- chap-secret statement 1
- usage guidelines 1
- chassis
- configuration
- alarm conditions 1
- chassis interface names 1, 2
- chassis statement 1
- circuit-id statement
- address-assignment pools 1
- circuit-type statement 1
- DHCP local server 1
- class statement
- CLI
- client address statement
- usage guidelines 1
- client attributes
- address-assignment pools 1
- client mode, NTP 1, 2, 3
- client statement 1
- client-authentication-algorithm statement
- RADIUS 1
- client-identifier statement 1
- usage guidelines 1
- commands
- comments, in configuration statements 1
- commit scripts
- commit synchronize command 1
- commit synchronize statement 1
- usage guidelines 1
- Common Criteria
- system logging 1
- CompactFlash cards
- mirroring to hard disk 1
- compress-configuration-files statement 1
- usage guidelines 1
- compressing configuration files 1, 2
- concatenated mode 1
- /config directory
- location of configuration files 1
- config-button statement 1
- usage guidelines 1
- configuration
- configuration files
- configuration statement 1
- usage guidelines 1
- configuration statements
- specifying IP addresses in 1
- configuration-servers statement 1
- conflict-log (system logging facility) 1
- connection-limit statement 1
- usage guidelines 1
- connectivity
- FPC to FEB, M120 routers 1
- console port
- console statement
- conventions
- text and syntax 1
- core dump files
- craft interface
- craft-lockout statement 1
- usage guidelines 1
- critical (system logging severity level 2) 1
- crl statement
- Crypto Officer 1
- user configuration 1
- ct3 statement 1
- usage guidelines 1
- curly braces, in configuration statements 1
- customer support 1
- contacting JTAC 1
D
- daemon (system logging facility) 1
- option to facility-override statement 1
- debug (system logging severity level 7) 1
- default-address-selection statement 1
- usage guidelines 1
- default-lease-time statement 1
- usage guidelines 1
- delay buffers 1
- delimiter statement
- DHCP local server 1
- deny-commands statement 1
- usage guidelines 1
- deny-configuration statement 1
- usage guidelines 1
- denying commands to login classes 1
- description statement
- destination option 1
- destination statement 1
- device-count statement 1
- usage guidelines 1
- dfc (system logging facility) 1
- dh-group statement 1
- usage guidelines 1
- DHCP
- tracing operations 1
- DHCP local server statements
- DHCP relay agent statements
- user-prefix 1
- DHCP statement
- usage guidelines 1
- dhcp statement
- usage guidelines 1
- dhcp-attributes statement
- address-assignment pools 1
- dhcp-local-server statement 1
- usage guidelines 1
- DHCP/BOOTP relay agent 1
- dhcpv6 statement 1
- diag-port-authentication statement 1
- usage guidelines 1
- diagnostics port password 1, 2
- direction statement 1
- direction, IPsec 1
- directories
- Junos OS 1
- disk space, available
- managing 1
- disk-failure-action statement 1
- DNS name servers 1
- documentation
- comments on 1
- domain names on routers 1
- domain-name statement
- domain-search statement 1
- usage guidelines 1
- domains to be searched 1, 2
- DPC
- bound to a Layer 2 port-mirroring instance 1
- drop-timeout statement 1
- usage guidelines 1
- DS1 interfaces, PIC alarm conditions 1
- dump-device statement 1
- dynamic security associations 1
- dynamic security associations (IPsec) 1, 2
- dynamic service activation 1
- dynamic statement 1
- usage guidelines 1
E
- e1 statement 1
- usage guidelines 1
- E3 interfaces
- PIC alarm conditions 1
- emergency (system logging severity level 0) 1
- encapsulation-overhead statement 1
- encoding statement 1
- encrypted passwords 1, 2
- encrypted-password option 1, 2
- encryption statement
- encryption-algorithm statement 1
- encryption-algorithm statement (IKE)
- usage guidelines 1
- enhanced AC PEM
- MX Series
- configuring at the chassis level 1
- enrollment statement 1
- usage guidelines 1
- enrollment-retry statement 1
- usage guidelines 1
- enrollment-url statement 1
- usage guidelines 1
- error (system logging severity level 3) 1
- ES PIC 1
- Ethernet
- Ethernet rollover cable, connecting the router to a management device 1
- ethernet statement 1, 2
- usage guidelines 1
- Ethernet switching interfaces 1, 2
- ethernet-port-type-virtual statement 1
- events statement 1
- exclude statement 1
- explicit-priority statement 1
- export routing policies 1
- external synchronization interface 1
- usage guidelines 1
F
- fabric upgrade-mode statement 1
- facilities (system logging)
- facility-override statement 1
- system logging
- usage guidelines 1
- failover statement 1, 2
- usage guidelines 1
- failover, configuring 1
- family statement 1
- fan alarm conditions
- FEB alarm condition 1
- M120 routers 1
- feb statement 1, 2
- FEBs
- connectivity 1
- file statement
- filenames, specifying in commands 1
- files
- files statement 1
- finger statement 1
- usage guidelines 1
- FIPS 1, See also Junos-FIPS
- user configuration 1
- firewall (system logging facility) 1
- firewall filters 1
- security configuration example 1
- first-time router configuration 1
- flow-tap-dtcp statement 1
- usage guidelines 1
- font conventions 1
- format statement 1
- forwarding table 1
- FPC alarm condition
- fpc statement
- FPC, configuring to stay offline 1
- fpc-feb-connectivity statement 1
- usage guidelines 1
- fpc-resync statement 1, 2
- FPC-to-FEB connectivity
- fragmentation-threshold statement 1
- usage guidelines 1
- framed-ip-address statement 1
- usage guidelines 1
- framed-pool statement 1
- framing statement
- usage guidelines 1
- fru-poweron-sequence statement 1
- usage guidelines 1
- ftp (system logging facility) 1
- option to facility-override statement 1
- FTP service, configuring 1
- ftp statement 1
- usage guidelines 1
- full names, in user accounts 1
- full-name statement 1
G
H
I
- icmpv4-rate-limit statement 1
- usage guidelines 1
- icmpv6-rate-limit statement 1
- usage guidelines 1
- icons defined, notice 1
- identity statement 1
- usage guidelines 1
- idle timeout values
- login classes 1
- idle-cell-format statement 1
- usage guidelines 1
- idle-timeout statement 1, 2
- ignore statement 1
- IKE 1, 2
- authentication algorithm 1
- authentication method 1
- Diffie-Hellman group 1
- dynamic SAs 1
- encryption algorithm 1
- encryption-algorithm statement
- usage guidelines 1
- lifetime statement
- usage guidelines 1
- policy configuration, example 1
- policy description 1
- policy mode 1
- policy statement
- usage guidelines 1
- preshared key 1
- proposal description 1
- proposals associated with policy 1
- SA lifetime 1
- ike statement 1, 2
- usage guidelines 1
- ILMI with cell relay 1
- immediate-update statement
- accounting 1
- import routing policies 1
- inet statement 1, 2
- usage guidelines 1
- inet6-backup-router statement 1
- usage guidelines 1
- info (system logging severity level 6) 1
- initial configuration
- Junos OS 1
- initiate-dead-peer-detection statement 1
- insecure statement 1
- usage guidelines 1
- interactive-commands (system logging facility) 1
- interface naming
- interface statement
- interface-description-format statement 1
- interface-id statement 1
- interfaces
- tracing operations 1
- interfaces statement 1
- internal statement 1
- usage guidelines 1
- internet-options statement 1
- IP addresses 1
- IP packets
- ip-address statement 1
- ip-address-first statement 1
- usage guidelines 1
- ipip-path-mtu-discovery statement 1
- usage guidelines 1
- IPsec
- algorithm 1
- authentication 1
- authentication algorithm 1
- auxiliary security parameter index 1
- configuring internal 1
- digital certificates, configuring (AS and MultiServices PICs) 1
- digital certificates, configuring (ES PIC) 1
- direction 1, 2
- direction of processing 1
- dynamic security associations 1, 2
- encryption 1, 2, 3
- encryption algorithm 1, 2
- ES PIC 1
- example 1
- example configuration
- outbound traffic 1
- IKE 1
- internal 1
- key 1
- lifetime of SA 1
- manual 1, 2
- minimum configurations
- overview 1
- Perfect Forward Secrecy 1
- policy 1
- proposal 1
- proposal description 1
- SA description 1
- security associations 1
- security parameter index 1
- security services overview 1
- SPI 1
- statements 1
- ipsec statement 1
- usage guidelines 1
- ipsec-policy statement 1
- usage guidelines 1
- ipv6-duplicate-addr-detection-transmits statement 1
- usage guidelines 1
- ipv6-path-mtu-discovery statement 1
- usage guidelines 1
- ipv6-path-mtu-discovery-timeout statement 1
- ipv6-reject-zero-hop-limit statement 1
- usage guidelines 1
- IS-IS
- security configuration example 1
J
- J Series Services Routers 1, 2, 3
- J-Web graphical user interface (GUI)
- Juniper Networks VSAs
- supported 1
- Juniper-Allow-Commands attribute (RADIUS) 1
- Juniper-Allow-Configuration attribute (RADIUS) 1
- Juniper-Configuration-Change attribute (RADIUS) 1
- Juniper-Deny-Commands attribute (RADIUS) 1
- Juniper-Deny-Configuration attribute (RADIUS) 1
- Juniper-Interactive-Command attribute (RADIUS) 1
- Juniper-Interface-ID attribute (RADIUS for L2TP) 1
- Juniper-IP-Pool-Name attribute (RADIUS for L2TP) 1
- Juniper-Keep-Alive attribute (RADIUS for L2TP) 1
- Juniper-Local-User-Name attribute (RADIUS) 1
- Juniper-Primary-DNS attribute (RADIUS for L2TP) 1
- Juniper-Primary-WINS attribute (RADIUS for L2TP) 1
- Juniper-Secondary-DNS attribute (RADIUS for L2TP) 1
- Juniper-Secondary-WINS attribute (RADIUS for L2TP) 1
- Juniper-User-Permissions attribute (RADIUS) 1
- juniper.conf file, compressing 1, 2
- Junos OS 1
- Junos XML management protocol
- Junos XML protocol SSL service 1
- Junos XML protocol xnm-ssl service 1
- Junos-FIPS
K
L
- l2tp statement
- lacp statement 1
- laptop See management device
- large delay buffers 1
- LCC
- lcc statement 1
- lcp-negotiation statement
- usage guidelines 1
- lcp-renegotiation statement 1
- ldap-url statement 1
- usage guidelines 1
- license requirements
- address-assignment pools 1
- lifetime-seconds statement 1
- line-card chassis See LCC
- linerate-mode statement 1
- link protection
- non-revertive statement 1
- Link Services PIC 1
- link-protection statement
- LACP
- chassis 1
- lo0 interface 1, 2
- load-key-file command
- load-key-file statement 1
- local password authentication 1
- local statement 1
- usage guidelines 1
- local user
- template accounts 1
- local-certificate statement 1, 2
- usage guidelines 1
- local-chap statement 1
- usage guidelines 1
- local-key-pair statement 1
- usage guidelines 1
- local0 - local7 (options to facility-override statement) 1
- location statement 1
- usage guidelines 1
- log files
- specifying properties 1
- log-out-on-disconnect statement 1
- usage guidelines 1
- log-prefix statement
- logging in as root 1
- logging operations
- logical devices 1
- logical-system-name statement
- DHCP local server 1
- login announcements, system 1
- login classes
- login messages, system 1
- login statement 1
- login-alarms statement 1
- usage guidelines 1
- login-tip statement 1
M
- mac-address statement
- DHCP local server 1
- management device
- recovering root password from 1
- management Ethernet interface
- PIC alarm conditions 1
- manual security association 1
- manual statement
- manuals
- comments on 1
- martian addresses 1
- match statement 1
- usage guidelines 1
- max-configurations-on-flash statement 1
- usage guidelines 1
- max-queues-per-interface statement 1
- usage guidelines 1
- maximum-certificates statement 1
- usage guidelines 1
- maximum-ecmp statement 1
- usage guidelines 1
- maximum-lease-time statement 1, 2
- maximum-length statement 1
- usage guidelines 1
- maximum-sessions-per-tunnel statement 1
- usage guidelines 1
- MD5 authentication 1
- message statement 1
- usage guidelines 1
- messages
- minimum-changes statement 1
- usage guidelines 1
- minimum-length statement 1
- usage guidelines 1
- mirror-flash-on-disk statement 1
- usage guidelines 1
- mlfr-uni-nni-bundles statement 1
- usage guidelines 1
- Mobile IP statements
- statistics 1
- mode statement
- monitoring tools
- tracing operations 1
- monitoring tools for Junos OS 1
- MPLS routing table 1
- ms-chapv2
- changing password ms-chapv2 1
- multicast
- NTP messages 1
- multicast routing table 1
- multicast-client statement 1
- usage guidelines 1
- multilink statement 1
- usage guidelines 1
- multiplexed mode 1
- multiservice statement 1
N
- name servers, DNS 1
- name-server statement 1, 2
- usage guidelines 1
- names
- nas-identifier statement 1
- nas-port-extended-format statement 1
- netbios-node-type statement 1
- NETCONF XML management protocol
- NETCONF-over-SSH
- TCP port 1
- network
- masks 1
- network statement 1
- network-services 1
- Next-generation SONET/SDH PICs
- configuring 1
- next-server statement 1
- no-auto-failover statement 1, 2
- no-compress-configuration-files statement 1
- usage guidelines 1
- no-concatenate statement 1
- usage guidelines 1
- no-gre-path-mtu-discovery statement 1
- no-ipip-path-mtu-discovery statement 1
- no-multicast-echo statement 1
- usage guidelines 1
- no-packet-scheduling statement 1
- usage guidelines 1
- no-path-mtu-discovery statement 1
- no-ping-record-route statement 1
- no-ping-time-stamp statement 1
- no-redirects statement 1
- usage guidelines 1
- no-saved-core-context statement 1
- usage guidelines 1
- no-source-quench statement 1
- no-tcp-rfc1323 statement 1
- usage guidelines 1
- no-tcp-rfc1323-paws statement 1
- usage guidelines 1
- no-world-readable statement
- non-revertive statement 1
- nonconcatenated mode 1
- notice (system logging severity level 5) 1
- notice icons defined 1
- NTP
- ntp statement 1
- number-of-ports statement
- MPC ports 1
O
- offline statement 1
- on-disk-failure statement 1, 2, 3
- usage guidelines 1
- on-loss-of-keepalives statement 1, 2
- online-expected statement 1
- operators, regular expression 1, 2
- option statement 1
- option-60 statement
- DHCP local server 1
- option-82 statement
- option-match statement 1
- options
- RADIUS server 1
- options statement
- RADIUS 1
- order statement
- accounting 1
- other-routing-engine option to host statement 1
- outbound SSH
- router-initiated SSH 1
- outbound SSH service
- configuring 1
- outbound-ssh statement 1
- usage guidelines 1
P
- Packet Forwarding Engine 1
- bound to a Layer 2 port-mirroring instance 1
- packet scheduling 1
- packet-rate statement
- packet-scheduling statement 1
- usage guidelines 1
- packets
- pap-password statement 1
- usage guidelines 1
- parentheses, in syntax descriptions 1
- passive ARP learning
- VRRP 1
- password statement
- passwords
- passwords statement
- usage guidelines 1
- path-length statement 1
- usage guidelines 1
- path-mtu-discovery statement 1
- usage guidelines 1
- payload statement 1
- PC See management device
- peer statement 1
- pem statement 1
- usage guidelines 1
- perfect-forward-secrecy statement 1
- usage guidelines 1
- permissions statement 1
- usage guidelines 1
- pfe (system logging facility) 1
- physical devices, aggregating 1
- physical interfaces framing modes 1
- pic statement
- pic-console-authentication statement 1
- usage guidelines 1
- pki statement 1
- plain-text password
- requirements 1
- plain-text passwords 1
- plain-text-password option 1, 2
- policy statement
- pool statement 1
- pool-match-order statement 1
- usage guidelines 1
- port mirroring 1
- port mirroring, Layer 2
- port statement 1
- port-mirroring instance, Layer 2
- port-mirroring instances
- overview 1
- ports
- ports statement 1
- usage guidelines 1
- power statement (fpc) 1
- usage guidelines 1
- power supply alarm conditions 1
- ppp statement
- ppp-authentication statement 1
- ppp-profile statement 1
- usage guidelines 1
- pre-shared-key statement 1, 2
- usage guidelines 1
- prefixes
- specifying in configuration statements 1
- primary-dns statement 1
- primary-wins statement 1
- priorities
- processes
- processes statement 1
- profile statement
- proposal statement
- proposals statement 1
- protocol
- protocol statement
- protocol-specific tracing operations 1
- protocol-version statement 1
- usage guidelines 1
- protocols
Q
R
- RADIUS accounting 1
- subscriber access management 1
- RADIUS attributes
- RADIUS authentication 1, 2, 3
- RADIUS authorization See RADIUS authentication
- RADIUS server
- RADIUS servers
- radius statement
- subscriber access 1
- RADIUS templates
- security configuration example 1
- radius-disconnect statement 1
- usage guidelines 1
- radius-disconnect-port statement 1
- usage guidelines 1
- radius-options statement 1
- radius-server statement 1, 2
- range statement
- address-assignment pools 1
- rate-limit statement 1
- usage guidelines 1
- re-enroll-trigger-time statement 1
- re-generate-keypair statement 1
- red alarm conditions 1
- red-buffer-occupancy statement 1
- redirect messages
- disabling 1
- redundancy
- redundancy statement 1, 2, 3
- redundancy-group statement 1
- refresh-interval statement 1
- usage guidelines 1
- regular expression operators 1, 2
- remote
- remote access, router, establishing 1
- remote-id statement 1
- replay-window-size statement 1
- usage guidelines 1
- request security certificate command 1
- usage guidelines 1
- request security key-pair
- usage guidelines 1
- retry statement 1, 2, 3
- retry-interval statement 1
- usage guidelines 1
- retry-options statement 1
- usage guidelines 1
- revert-interval statement 1
- revocation-check statement 1
- RJ-45–to–DB-9 serial port adapter 1
- rlogin service, configuring 1
- rollover cable, connecting the console port 1
- root password 1, 2
- root password recovery 1
- root-authentication statement 1
- root-login statement 1
- usage guidelines 1
- route prefixes 1
- route-memory-enhanced statement 1
- usage guidelines 1
- router chassis See chassis
- router security 1
- router statement 1
- address-assignment pools 1
- routers
- backup 1, 2
- DNS name servers, configuring 1
- domain names 1
- domains to be searched 1, 2
- failover, configuring 1, 2
- hardware components 1
- initial configuration 1
- Junos OS
- initial configuration for redundant Routing Engines 1
- login classes 1
- names
- NTP 1, 2
- Packet Forwarding Engine 1
- physical system location 1
- ports
- redirect 1
- remote access, establishing 1
- root login, controlling 1
- Routing Engine 1
- security features 1
- source addresses 1, 2
- system services, configuring 1
- time zone setting 1
- user accounts 1, 2
- Routing Engines
- routing matrix 1, 2
- routing protocol process
- routing protocol security features 1
- routing tables 1
- routing-engine statement
- routing-instance statement 1
- routing-instance-name statement
- DHCP local server 1
S
- saved-core-context statement 1
- usage guidelines 1
- saved-core-files statement 1
- usage guidelines 1
- SCB alarm condition 1
- SCC 1, 2
- scc-master option to host statement 1
- usage guidelines 1
- scheduling packets 1
- SCP 1
- SDH
- interfaces
- framing mode 1
- SDH interfaces
- secondary-dns statement 1
- secondary-wins statement 1
- secret statement
- secure copy See SCP
- security
- security association statement
- usage guidelines 1
- security services configuration guidelines 1
- security-association statement
- server mode, usage guidelines 1
- server statement
- server-identifier statement 1
- usage guidelines 1
- servers statement 1
- usage guidelines 1
- service-deployment statement 1
- usage guidelines 1
- service-package statement 1, 2
- services statement 1
- usage guidelines 1
- session statement 1
- session-offload statement 1
- severity levels for system logging 1, 2
- SFC 1, 2
- sfm (offline) statement 1
- usage guidelines 1
- sfm statement 1
- SFMs
- shared-secret statement 1
- usage guidelines 1
- sib statement 1
- usage guidelines 1
- simple authentication 1
- single-connection statement 1
- usage guidelines 1
- size statement 1
- SNMP
- security configuration example 1
- software processes
- SONET
- sonet statement 1
- usage guidelines 1
- source-address statement 1
- source-port statement 1
- usage guidelines 1
- source-quench statement 1
- usage guidelines 1
- sparse-dlcis statement 1
- usage guidelines 1
- SPI
- IPsec 1
- spi statement
- SRC software 1, 2
- SSB
- ssb statement 1, 2
- SSH key files 1, 2
- SSH service
- ssh statement 1
- usage guidelines 1
- ssh-known-hosts statement 1
- usage guidelines 1
- SSL 1
- start-time statement
- static-binding statement 1
- usage guidelines 1
- static-host-mapping statement 1
- usage guidelines 1
- statistics statement
- access 1
- structured-data statement 1
- usage guidelines 1
- subnet masks 1
- subscriber AAA information
- verifying 1
- subscriber access
- configuring 1
- subscriber access management
- overview 1
- support, technical See technical support
- symmetric active mode, NTP
- symmetric-hash statement 1
- symmetrical hashing for load balancing, 802.3ad LAG
- synchronization statement 1, 2
- synchronized timing 1
- syntax conventions 1
- sysid statement 1
- usage guidelines 1
- syslog statement
- system authentication
- system identifier, IS-IS
- configuring 1
- system log messages 1
- system logging
- Common Criteria 1
- different on each node in routing matrix 1
- disabling 1
- examples 1
- facilities
- files, archiving 1
- forwarding messages in TX Matrix router 1
- Junos-FIPS 1
- regular expression filtering 1
- regular expression operators 1, 2
- routing matrix 1
- severity levels 1, 2
- single-chassis system 1
- timestamp, modifying 1
- system login 1, 2
- system services
- system statement 1
- usage guidelines 1
- system-priority statement
- LACP
- interface 1
T
- t1 statement 1
- usage guidelines 1
- T1600 router chassis
- T1600 routers 1
- role in routing matrix 1
- T3 interfaces
- PIC alarm conditions 1
- T640 routers 1
- role in routing matrix 1
- TACACS+ accounting 1
- usage guidelines, TX Matrix router 1
- TACACS+ authentication
- tacplus-options statement
- tacplus-server statement 1
- usage guidelines 1
- tcp-drop-synfin-set statement 1
- usage guidelines 1
- tcp-mss statement
- technical support
- contacting JTAC 1
- telnet
- telnet statement 1
- usage guidelines 1
- temperature alarm conditions 1
- template accounts 1
- terminal type 1, 2
- tftp-server statement 1
- time
- security configuration example 1
- time zone setting, routers 1
- time-format statement 1
- usage guidelines 1
- time-zone statement 1
- usage guidelines 1
- timeout statement 1, 2
- timeslots statement 1
- usage guidelines 1
- traceoptions statement
- tracing 1
- destination-override 1
- tracing operations 1
- traffic
- traffic-manager statement 1
- transfer interval
- usage guidelines 1
- transfer-interval statement
- transfer-on-commit statement 1
- usage guidelines 1
- transferring router configuration to archive site 1
- troubleshooting
- root password recovery 1
- trusted-key statement 1
- usage guidelines 1
- tunnel interfaces
- configuring, MX Series routers 1
- tunnel-services statement 1
- usage guidelines 1
- TX Matrix Plus router
- TX Matrix router
- type statement
U
- uid statement 1
- UIDs 1
- unicast routing table 1
- update-interval statement 1
- uPIM Ethernet interfaces 1, 2
- url statement 1
- URLs, specifying in commands 1
- user (system logging facility) 1
- option to facility-override statement 1
- user access
- user accounts
- user authentication
- user identifiers See UIDs
- user statement
- user-group-profile statement 1
- usage guidelines 1
- user-prefix statement
- DHCP local server 1
- username-include statement
- DHCP local server 1
- using outbound-ssh
- connect routers behind firewalls 1
V
- validity-period statement 1
- /var/db/config directory 1
- /var directory 1
- /var/home directory 1
- /var/log directory 1
- vendor-specific attributes
- supported 1
- virtual links
- aggregated devices 1
- vlan-nas-port-stacked-format statement 1
- VPNs 1
- vrf-mtu-check statement 1
- VRRP
- passive ARP learning 1
- VSAs
- supported 1
- vtmapping statement 1
- usage guidelines 1
W
X
Y
- yellow alarm condition 1
A
- access-end statement
- login class
- access-start statement
- login class
- accounting statement
- access profile
- accounting-order statement
- accounting-port statement
- RADIUS servers
- accounting-server statement
- accounting-session-id-format statement
- accounting-stop-on-access-deny statement
- accounting-stop-on-failure statement
- adaptive-services statement
- address statement
- address-assignment statement
- address-assignment pools
- address-pool statement
- address-range statement
- aggregate-ports statement
- aggregated-devices statement
- alarm statement
- algorithm statement
- allow-commands statement
- allow-configuration statement
- allowed-days statement
- login class
- allowed-proxy-pair statement
- announcement statement
- archival statement
- archive statement
- archive-sites statement
- arp statement
- atm-cell-relay-accumulation statement
- atm-l2circuit-mode statement
- attributes statement
- authentication statement
- authentication-algorithm statement
- authentication-key statement
- authentication-key-chains statement
- authentication-method statement
- IKE
- authentication-order statement
- access
- authentication-server statement
- auto-re-enrollment statement
- autoinstallation statement
- auxiliary statement
- auxiliary-spi statement
B
C
- ca-identity statement
- ca-name statement
- ca-profile statement
- cache-size statement
- cache-timeout-negative statement
- ce1 statement
- cell-overhead statement
- certificate-id statement
- certificates statement
- certification-authority statement
- cfeb statement
- challenge-password statement
- change-type statement
- channel-group statement
- chap-secret statement
- chassis statement
- circuit-id statement
- address-assignment pools
- circuit-type statement
- DHCP local server
- class statement
- client statement
- client-authentication-algorithm statement
- RADIUS
- client-identifier statement
- commit synchronize statement
- compress-configuration-files statement
- config-button statement
- configuration statement
- configuration-servers statement
- connection-limit statement
- console statement
- craft-lockout statement
- crl statement
- ct3 statement
D
- default-address-selection statement
- default-lease-time statement
- delimiter statement
- DHCP local server
- deny-commands statement
- deny-configuration statement
- description statement
- IKE policy
- destination statement
- device-count statement
- dh-group statement
- DHCP local server statements
- DHCP relay agent statements
- user-prefix
- dhcp statement
- usage guidelines
- dhcp-attributes statement
- address-assignment pools
- dhcp-local-server statement
- dhcpv6 statement
- diag-port-authentication statement
- direction statement
- disk-failure-action statement
- domain-name statement
- domain-search statement
- drop-timeout statement
- dump-device statement
- dynamic statement
E
- e1 statement
- encapsulation-overhead statement
- encoding statement
- encryption statement
- encryption-algorithm statement
- enrollment statement
- enrollment-retry statement
- enrollment-url statement
- ethernet statement
- ethernet-port-type-virtual statement
- events statement
- exclude statement
- explicit-priority statement
F
- fabric upgrade-mode statement
- facility-override statement
- failover statement
- FEBs
- connectivity
- file statement
- system logging
- files statement
- finger statement
- flow-tap-dtcp statement
- format statement
- fpc statement
- fpc-feb-connectivity statement
- fpc-resync statement
- fragmentation-threshold statement
- framed-ip-address statement
- framed-pool statement
- ftp statement
- full-name statement
G
H
I
- icmpv4-rate-limit statement
- icmpv6-rate-limit statement
- identity statement
- idle-cell-format statement
- idle-timeout statement
- ignore statement
- ike statement
- immediate-update statement
- accounting
- inet6-backup-router statement
- initiate-dead-peer-detection statement
- interface statement
- DHCP local server
- interface-description-format statement
- interface-id statement
- interfaces statement
- internal statement
- internet-options statement
- ip-address statement
- ip-address-first statement
- ipip-path-mtu-discovery statement
- ipsec statement
- ipv6-duplicate-addr-detection-transmits statement
- ipv6-reject-zero-hop-limit statement
K
L
- l2tp statement
- lacp statement
- lcc statement
- lcp-renegotiation statement
- ldap-url statement
- lifetime-seconds statement
- link-protection statement
- LACP
- chassis
- load-key-file statement
- local statement
- local-certificate statement
- local-chap statement
- local-key-pair statement
- location statement
- log-prefix statement
- system logging
- logical-system-name statement
- DHCP local server
- login statement
- login-alarms statement
- login-tip statement
M
- mac-address statement
- DHCP local server
- manual statement
- match statement
- max-configurations-on-flash statement
- max-queues-per-interface statement
- maximum-certificates statement
- maximum-ecmp statement
- maximum-lease-time statement
- maximum-length statement
- maximum-sessions-per-tunnel statement
- message statement
- minimum-changes statement
- minimum-length statement
- mirror-flash-on-disk statement
- mlfr-uni-nni-bundles statement
- Mobile IP statements
- statistics
- mode statement
- multicast-client statement
- multilink statement
N
- name-server statement
- nas-identifier statement
- nas-port-extended-format statement
- netbios-node-type statement
- network statement
- next-server statement
- no-auto-failover statement
- no-compress-configuration-files statement
- no-concatenate statement
- no-gre-path-mtu-discovery statement
- no-ipip-path-mtu-discovery statement
- no-multicast-echo statement
- no-path-mtu-discovery statement
- no-ping-record-route statement
- no-ping-time-stamp statement
- no-redirects statement
- no-saved-core-context statement
- no-source-quench statement
- no-tcp-rfc1323 statement
- no-tcp-rfc1323-paws statement
- no-world-readable statement
- non-revertive statement
- ntp statement
- number-of-ports statement
- MPC ports
O
P
- packet-rate statement
- packet-scheduling statement
- pap-password statement
- password statement
- path-length statement
- path-mtu-discovery statement
- peer statement
- pem statement
- perfect-forward-secrecy statement
- permissions statement
- pic statement
- pic-console-authentication statement
- pki statement
- policy statement
- pool statement
- address-assignment pools
- pool-match-order statement
- port statement
- ports statement
- power statement (fpc)
- ppp statement
- ppp-authentication statement
- ppp-profile statement
- pre-shared-key statement
- primary-dns statement
- primary-wins statement
- processes statement
- profile statement
- subscriber access
- proposal statement
- proposals statement
- protocol statement
- protocol-version statement
Q
- q-pic-large-buffer statement
R
- radius statement
- subscriber access
- radius-disconnect statement
- radius-options statement
- radius-server statement
- range statement
- address-assignment pools
- rate-limit statement
- re-enroll-trigger-time statement
- re-generate-keypair statement
- red-buffer-occupancy statement
- redundancy statement
- redundancy-group statement
- refresh-interval statement
- remote-id statement
- retry statement
- retry-interval statement
- retry-options statement
- revert-interval statement
- revocation-check statement
- root-authentication statement
- root-login statement
- route-memory-enhanced statement
- router statement
- address-assignment pools
- routing-engine statement
- routing-instance statement
- routing-instance-name statement
- DHCP local server
S
- saved-core-context statement
- saved-core-files statement
- secondary-dns statement
- secondary-wins statement
- secret statement
- security-association statement
- server statement
- server-identifier statement
- servers statement
- service-deployment statement
- service-package statement
- usage guidelines
- services statement
- session statement
- session-offload statement
- sfm (offline) statement
- sfm statement
- shared-secret statement
- sib statement
- single-connection statement
- size statement
- sonet statement
- source-address statement
- source-port statement
- source-quench statement
- sparse-dlcis statement
- spi statement
- ssb statement
- ssh statement
- ssh-known-hosts statement
- start-time statement
- system log file archiving
- static-binding statement
- static-host-mapping statement
- statistics statement
- access
- structured-data statement
- synchronization statement
- syslog statement
- system processes
- system statement
- system-priority statement
- LACP
- interface
T
- t1 statement
- tacplus-options statement
- no-cmd-attribute-value option
- tacplus-server statement
- tcp-drop-synfin-set statement
- telnet statement
- tftp-server statement
- time-format statement
- time-zone statement
- timeout statement
- timeslots statement
- traceoptions statement
- tracing
- destination-override
- traffic-manager statement
- transfer-interval statement
- transfer-on-commit statement
- trusted-key statement
- tunnel-services statement
U
V
W
X