Configuring clear-text or SSL Service for Junos XML protocol Client Applications

A Junos XML protocol client application can use one of four protocols to connect to the Junos XML protocol server on a router: clear-text (a Junos XML protocol-specific protocol for sending unencrypted text over a TCP connection), SSH, SSL, or Telnet. For clients to use the clear-text or SSL protocol, you must include Junos XML protocol-specific statements in the router configuration.

For more information, see the following topics:

  1. Configuring clear-text Service for Junos XML protocol Client Applications
  2. Configuring SSL Service for Junos XML protocol Client Applications

Configuring clear-text Service for Junos XML protocol Client Applications

To configure the router to accept clear-text connections from Junos XML protocol client applications on port 3221, include the xnm-clear-text statement at the [edit system services] hierarchy level:

[edit system services]
xnm-clear-text {
    connection-limit limit;
    rate-limit limit;
}

By default, the Junos XML protocol server supports a limited number of simultaneous clear-text sessions and connection attempts per minute. Optionally, you can include either or both of the following statements to change the defaults:

You cannot include the xnm-clear-text statement on routers that run the Junos-FIPS software. We recommend that you do not use the clear-text protocol in a Common Criteria environment.

Configuring SSL Service for Junos XML protocol Client Applications

To configure the router to accept SSL connections from Junos XML protocol client applications on port 3220, include the xnm-ssl statement at the [edit system services] hierarchy level:

[edit system services]
xnm-ssl {
    local-certificate name;
    connection-limit limit;
    rate-limit limit;
}

local-certificate is the name of the X.509 authentication certificate used to establish an SSL connection. You must obtain the certificate and copy it to the router before referencing it.
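The following audit sketch is an added example, not part of the original documentation or of any Juniper tooling. It parses configuration text in curly-brace form and reports the clear-text service and any xnm-ssl stanza that references no local-certificate. The function names, the sample text and its limit values are constructed for illustration, and treating a missing local-certificate as a finding is this example's own assumption.

```python
import re

# Constructed sample in the style of `show configuration system services`; not from a real router.
SAMPLE = """
xnm-clear-text {
    connection-limit 10;
}
xnm-ssl {
    rate-limit 20;
}
"""

TOKEN = re.compile(r'"[^"]*"|/\*.*?\*/|#[^\n]*|[{};]|[^\s{};]+', re.S)

def parse_junos(text):
    """Parse curly-brace Junos configuration text into nested dicts."""
    root = node = {}
    stack, words = [], []
    for tok in TOKEN.findall(text):
        if tok.startswith(("/*", "#")):      # comment or annotation: ignore
            continue
        if tok == "{":                        # container statement opens
            stack.append(node)
            node = node.setdefault(" ".join(words), {})
            words = []
        elif tok == "}":
            node = stack.pop()                # IndexError on a stray '}'
        elif tok == ";":                      # leaf: first word is the key
            if words:
                node[words[0]] = " ".join(words[1:]) or True
            words = []
        else:
            words.append(tok)
    if stack:
        raise ValueError("unclosed '{' in configuration text")
    return root

def audit_xml_services(text):
    """Flag the clear-text service, and xnm-ssl with no local-certificate."""
    node = parse_junos(text)
    for key in ("system", "services"):        # accept full or partial hierarchy
        node = node.get(key, node)
    findings = []
    if "xnm-clear-text" in node:
        findings.append("xnm-clear-text: unencrypted sessions accepted on port 3221")
    ssl = node.get("xnm-ssl")
    if ssl is not None and not (isinstance(ssl, dict) and ssl.get("local-certificate")):
        findings.append("xnm-ssl: no local-certificate referenced")
    return findings
```

Calling audit_xml_services(SAMPLE) returns both findings; a configuration that contains only xnm-ssl with a local-certificate statement returns an empty list.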

By default, the Junos XML protocol server supports a limited number of simultaneous SSL sessions and connection attempts per minute. Optionally, you can include either or both of the following statements to change the defaults: