Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


SRX650 Services Gateway Basic Settings


Table 1 provides information on basic connectivity settings.

Table 1: Services Gateway Basic Connectivity Settings Details




Device identification

The hostname defines the network or subnetwork to which your services gateway belongs.

The hostname refers to the specific machine, while the domain name is shared among all devices in a given network. Together the hostname and domain name identify the device in the network.

Root password

Initially, the root password is not defined on the device. To ensure basic security, you must define the root password during initial configuration. If a root password is not defined, you cannot commit configuration settings on the device.

Note: The root password is mandatory.

Note: If you use a plaintext password, the device displays the password as an encrypted string so that users viewing the configuration cannot see it.

The root password must meet the following criteria:

  • Must be at least six characters long

  • Can include most character classes (alphabetic, numeric, and special characters), except control characters

  • Must contain at least one change of case or character class

Note: For Common Criteria environments only, the password must be between 10 and 20 characters long and must include at least 3 of the 5 character classes (uppercase letters, lowercase letters, punctuation marks, numbers, and other special characters). Control characters are not recommended. For more information, see the Configuration Guides for Junos OS Public Sector Certifications.

Network settings

A Domain Name System (DNS) server on the network maintains a database for resolving hostnames and IP addresses. Network devices can query the DNS server by hostnames rather than IP addresses. The services gateway accesses the DNS servers that are added to the configuration to resolve hostnames in the order in which you list them.

If you plan to include your device in several domains, add these domains to the configuration so that they are included in a DNS search. When DNS searches are requested, the domain suffixes are appended to the hostnames.

Default gateway

A default gateway is a static route that is used to direct packets addressed to networks not explicitly listed in the routing table. If a packet arrives at the services gateway with an address for which the device does not have routing information, the services gateway sends the packet to the default gateway.

The default gateway entry is always present in the routing and forwarding tables.

Time zone and system time

You define the time zone for the location where you plan to operate the services gateway by using a designation that consists of the following information for the location:

  • Name of the continent or ocean—for example, America or Pacific

  • Name of the major city or other geographic feature in the time zone—for example, Boston or Azores

A Network Time Protocol (NTP) server provides accurate time across a network. The device synchronizes the system time with the NTP server and periodically accesses the NTP server to maintain the correct time.

The time zone and system time must be accurate so that the device schedules events and operations as expected.

Note: For Common Criteria compliance, you must configure NTP to provide accurate timestamps for system log messages. For more information, see the Configuration Guides for Junos OS Public Sector Certifications

Backup device

Note: This feature will be supported in a future release.

You can specify a backup device to take over when the routing protocol process of the services gateway is not running:

  • When the services gateway is starting.

  • When its routing protocol process has failed. In this situation, packets arriving at a services gateway are routed to the backup device. When the routing protocol process starts up again, the address of the backup device is removed from the routing and forwarding tables of the services gateway.

Note: The backup device must be located on the same subnet as the primary device.

To configure a backup device, you must use the CLI. You cannot configure a backup device using J-Web.