SRX110 Services Gateway Software Configuration Overview

This topic includes the following sections:

Preparing the SRX110 Services Gateway for Configuration

When the device powers on, it tries to boot Junos OS from the default storage medium. If the device fails to boot from the default storage medium, it tries to boot from the alternate storage medium.

Table 35 provides information on the storage media available on the services gateway.

Table 35: Storage Media on the Services Gateway

Storage Media

Type

CompactFlash

Default; always present

USB storage device

Alternate

Note: The SRX Series devices that ship with Junos OS Release 10.0 or later are formatted with dual-root partitions from the factory. SRX Series devices that are running Junos OS Release 9.6 or earlier can be formatted with dual-root partitions when they are upgraded to Junos OS Release 10.0 or later.

For more information on dual-root partitioning, see the following guides:

You configure the services gateway by issuing Junos OS command-line interface (CLI) commands.

Gather the following information before configuring the device:

Understanding Built-In Ethernet Ports

Note the following points about the services gateway management ports:

Understanding Management Access

Telnet allows you to connect to the services gateway and access the CLI to execute commands from a remote system. The Telnet CLI connections are not encrypted and therefore can be intercepted.

Note: Telnet access to the root user is prohibited. You must use more secure methods, such as SSH, to log in as root.

SSH provides the following features:

The SSH client software must be installed on the machine where the client application runs. If the SSH private key is encrypted (for greater security), the SSH client must be able to access the passphrase used to decrypt the key.

For information about obtaining SSH software, see http://www.ssh.com and http://www.openssh.com.

If you are using a Junos XML management protocol server to configure and monitor devices, you can activate cleartext access on the device to allow unencrypted text to be sent directly over a Transmission Line Protocol (TCP) connection without using any additional protocol (such as SSH, SSL, or Telnet). For more information about the Junos XML management protocol application programming interface (API), see the NETCONF XML Management Protocol Guide PDF Document.

Note: Information sent in cleartext is not encrypted and therefore can be intercepted.

If the device is operating in a Common Criteria environment, see the Secure Configuration Guide for Common Criteria and JUNOS-FIPS.

Related Documentation