Device identification
|
The hostname defines the network or subnetwork to which
your services gateway belongs.
|
The hostname refers to the specific machine, while the
domain name is shared among all devices in a given network. Together
the hostname and domain name identify the device in the network.
|
Root password
|
Initially, the root password is not defined on the device.
To ensure basic security, you must define the root password during
initial configuration. If a root password is not defined, you cannot
commit configuration settings on the device.
Note:
The root password is mandatory.
Note:
If you use a plaintext password, the device displays the
password as an encrypted string so that users viewing the configuration
cannot see it.
|
The root password must meet the following
conditions:
- Must be at least six characters long
- Most character classes can be included in a password (alphabetic,
numeric, and special characters), except control characters
- Must contain at least one change of case or character
class
Note:
For Common Criteria environments only, the password must
be between 10 and 20 characters long and must include at least 3 of
the 5 character classes (uppercase letters, lowercase letters, punctuation
marks, numbers, and other special characters). Control characters
are not recommended. For more information, see the Secure
Configuration Guide for Common Criteria and JUNOS-FIPS.
|
Time zone and system time
|
You define the time zone for the location where you plan
to operate the services gateway by using a designation that
consists of the following information for the location:
- Name of the continent or ocean—for example, America or Pacific
- Name of the major city or other geographic feature in
the time zone—for example, Boston or Azores
It is recommended that you set the system time before
you begin configuration.
|
A Network Time Protocol (NTP) server provides accurate
time across a network. The device synchronizes the system time with
the NTP server and periodically accesses the NTP server to maintain
the correct time.
The time zone and system time must be accurate so that the device
schedules events and operations as expected.
Note:
For Common Criteria compliance, you must configure NTP
to provide accurate timestamps for system log messages. For more information,
see the Secure Configuration Guide for Common Criteria and
JUNOS-FIPS.
|
Network settings
|
A Domain Name System (DNS) server on the network maintains
a database for resolving hostnames and IP addresses. Network devices
can query the DNS server by hostnames rather than IP addresses. The services gateway accesses
the DNS servers that are added to the configuration to resolve hostnames
in the order in which you list them.
|
If you plan to include your device in several domains,
add these domains to the configuration so that they are included in
a DNS search. When DNS searches are requested, the domain suffixes
are appended to the hostnames.
|
Default gateway
|
A default gateway is a static route that is used to direct
packets addressed to networks not explicitly listed in the routing
table. If a packet arrives at the services gateway with an address
for which the device does not have routing information, the services gateway sends
the packet to the default gateway.
|
The default gateway entry is always present in the routing
and forwarding tables.
|
Backup device
|
Note:
This feature is currently not supported in this release.
You can specify a backup device to take over when
the routing protocol process of the services gateway is not
running:
- When the services gateway is starting.
- When its routing protocol process has failed. Packets
arriving at a services gateway in this situation are routed
to the backup device. When the routing protocol process starts up
again, the address of the backup device is removed from the routing
and forwarding tables of the services gateway.
|
Note:
The backup device must be located on the same subnet as
the primary device.
To configure a backup device, you must use the CLI or J-Web
configuration editor. You cannot configure a backup device with J-Web
configuration editor.
|
Loopback address
|
The loopback address is the IP address of the services gateway.
The loopback address ensures that the device provides an IP address
to management applications. Because it must always be available to
hosts attempting to route packets to the device, the loopback address
resides on an interface that is always active, known as the loopback
interface (lo0.0).
|
Setting a loopback address ensures that the device can
receive packets addressed to the loopback address as long as the device
is reachable though any entry (ingress) interface. In addition, applications
such as NTP, RADIUS, and TACACS+ can use the loopback address as the
source address for outgoing packets.
If you use the J-Web Quick Configuration Set Up page, you can
either set a loopback address of your choice or have the loopback
address automatically set to 127.0.0.1 when you click Apply or OK to commit the configuration.
|
