Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Software Installation and Upgrade

  • Zero touch provisioning on WAN interfaces (PTX10002-36QDD)—Zero Touch Provisioning (ZTP) dynamically detects the port speed of WAN interfaces and uses this information to create ZTP client ports with the same speed. ZTP automatically cycles through the WAN ports until it receives Dynamic Host Control Protocol (DHCP) options from the DHCP server. The device uses the DHCP options to perform the bootstrap process.

    [See Zero Touch Provisioning.]

  • Secure Zero Touch Provisioning (PTX10002-36QDD)—You can use RFC-8572-based secure zero touch provisioning (SZTP) to bootstrap your remotely located network devices that are in a factory-default state. SZTP enables mutual authentication between the bootstrap server and the network device before the remote network device is accessed for initiating zero touch provisioning.

    To enable mutual authentication, you need a unique digital voucher, which is generated based on the DevID (Digital Device ID or Cryptographic Digital Identity) of the network device. The DevID is embedded inside the Trusted Platform Module (TPM) 2.0 chip on the network device. Juniper Networks issues a digital voucher to customers for each eligible network device.

    See Secure Zero Touch Provisioning and Generate Secure ZTP Vouchers.

  • Switching between Secure ZTP and ZTP on secure platforms (PTX10002-36QDD)—You can switch between using secure zero touch provisioning (SZTP) and zero touch provisioning (ZTP) on secure platforms. To override the default behavior of your secure device, you can issue the request system zeroize ztp-option secure disable command. When you issue this command, the CLI checks to see if the default platform behavior is secure. If the default platform is secure, the device will run ZTP after you reboot. If the default platform is not secure, the process ends. When you issue the request system zeroize ztp-option secure enable command, the CLI checks to see if the platform behavior is secure. If the default platform is secure, the process ends. If the platform isn’t secure, you will receive an error that says the platform is not secure and cannot switch to SZTP. The process ends.

    See Switching between Secure Zero Touch Provisioning and Zero Touch Provisioning