Technical Documentation

Configuring clear-text or SSL Service for JUNOScript Client Applications

A JUNOScript client application can use one of four protocols to connect to the JUNOScript server on a router: clear-text (a JUNOScript-specific protocol for sending unencrypted text over a TCP connection), SSH, SSL, or Telnet. For clients to use the clear-text or SSL protocol, you must include JUNOScript-specific statements in the router configuration.

For more information, see the following topics:

  1. Configuring clear-text Service for JUNOScript Client Applications
  2. Configuring SSL Service for JUNOScript Client Applications

Configuring clear-text Service for JUNOScript Client Applications

To configure the router to accept clear-text connections from JUNOScript client applications on port 3221, include the xnm-clear-text statement at the [edit system services] hierarchy level:

[edit system services]xnm-clear-text {<connection-limit limit>;<rate-limit limit>;}

By default, the JUNOScript server supports a limited number of simultaneous clear-text sessions and connection attempts per minute. Optionally, you can include either or both of the following statements to change the defaults:

  • connection-limit limit—Maximum number of simultaneous connections (a value from 1 through 250)The default is 75.
  • rate-limit limit—Maximum number of connection attempts accepted per minute (a value from 1 through 250). The default is 150.

You cannot include the xnm-clear-text statement on routers that run the JUNOS-FIPS software. We recommend that you do not use the clear-text protocol in a Common Criteria environment.

Configuring SSL Service for JUNOScript Client Applications

To configure the router to accept SSL connections from JUNOScript client applications on port 3220, include the xnm-ssl statement at the [edit system services] hierarchy level:

[edit system services]xnm-ssl {local-certificate name;connection-limit limit;rate-limit limit;}

local-certificate is the name of the X.509 authentication certificate used to establish an SSL connection. You must obtain the certificate and copy it to the router before referencing it.

By default, the JUNOScript server supports a limited number of simultaneous SSL sessions and connection attempts per minute. Optionally, you can include either or both of the following statements to change the defaults:

  • connection-limit limit—Maximum number of simultaneous connections (a value from 1 through 250). The default is 75.
  • rate-limit limit—Maximum number of connection attempts accepted per minute (a value from 1 through 250). The default is 150.

Published: 2010-04-26