Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Authentication and Access Control

  • Harden shared secrets in Junos OS Evolved (ACX7100, ACX7509, ACX7024, PTX10001-36MR, PTX10003, PTX10004,PTX10008, PTX10016, QFX5130, QFX5700, QFX5220, and QFX5230-64CD)—Starting in Junos OS Evolved Release 22.4R1, you can configure a system primary password and request to decrypt encrypted secrets, allowing for hardening of shared secrets, such as pre-shared keys and RADIUS passwords.

    Setting a primary password enables devices to encrypt passwords so that only devices with knowledge of the primary password can decrypt the encrypted passwords. The following CLI commands are supported:

    • request system decrypt password

    • set system master-password

    [See Master Password for Configuration Encryption.]

  • VRF support for TCP keychains (ACX7100, ACX7509, ACX7024, PTX10004, PTX10008, PTX10016, QFX5130-32CD, and QFX5700)—Starting in Junos OS Evolved Release 22.4R1, we support virtual routing and forwarding (VRF) for TCP connections with keychain-based authentication. VRF enables you to isolate traffic traversing the network without using multiple devices to segment your network.

    [See authentication-key-chains.]