- Key Features in Junos OS Evolved Release 22.4
- play_arrow Junos OS Evolved Release Notes for PTX10001-36MR, PTX10003, PTX10004, PTX10008, and PTX10016 Devices
- play_arrow What's New
- Hardware
- Authentication and Access Control
- Chassis
- Class of Service
- Ethernet Switching and Bridging
- EVPN
- Interfaces
- Intrusion Detection and Prevention
- IP Tunneling
- Junos Telemetry Interface
- Layer 2 Features
- MPLS
- Network Management and Monitoring
- OpenConfig
- Routing Options
- Routing Policy and Firewall Filters
- Routing Protocols
- Source Packet Routing in Networking (SPRING) or Segment Routing
- Software Installation and Upgrade
- Additional Features
- What's Changed
- Known Limitations
- Open Issues
- Resolved Issues
- Upgrade Your Junos OS Evolved Software
- Licensing
- Finding More Information
- Requesting Technical Support
- Revision History
Authentication and Access Control
Harden shared secrets in Junos OS Evolved (ACX7100, ACX7509, ACX7024, PTX10001-36MR, PTX10003, PTX10004,PTX10008, PTX10016, QFX5130, QFX5700, QFX5220, and QFX5230-64CD)—Starting in Junos OS Evolved Release 22.4R1, you can configure a system primary password and request to decrypt encrypted secrets, allowing for hardening of shared secrets, such as pre-shared keys and RADIUS passwords.
Setting a primary password enables devices to encrypt passwords so that only devices with knowledge of the primary password can decrypt the encrypted passwords. The following CLI commands are supported:
request system decrypt password
set system master-password
VRF support for TCP keychains (ACX7100, ACX7509, ACX7024, PTX10004, PTX10008, PTX10016, QFX5130-32CD, and QFX5700)—Starting in Junos OS Evolved Release 22.4R1, we support virtual routing and forwarding (VRF) for TCP connections with keychain-based authentication. VRF enables you to isolate traffic traversing the network without using multiple devices to segment your network.
[See authentication-key-chains.]