Step 1: Begin
Junos OS is the network operating system that powers our broad portfolio of physical and virtual networking and security products. It comes preinstalled on Juniper devices. In this guide, we show you how to initially configure Junos OS the first time you power on your device, and how to setup user accounts.
Are you interested in getting hands-on experience with the topics and operations covered in this guide? Visit Juniper Networks Virtual Labs and reserve your free sandbox today! You’ll find the Junos Day One Experience sandbox in the stand alone category.
Meet Junos OS
Junos OS helps automates network operations and furthers operational efficiency. With the modular architecture of Junos OS, you can achieve a high level of performance, high availability, security, and device scalability. Generally, Junos OS is preinstalled on your Juniper Networks device when you receive it from the factory. When you first power on the device, all software starts automatically. You then configure the software so that the device can participate in your network.
Initial Configuration
Have the following information ready before you begin your configuration:
A root password
The hostname you want to use to identify the device
The domain name you want to use
The IP address of a DNS server
The management interface name for your device
To find out the management interface for your router, see Supported Routing Engines by Router. To find out the management interface for your switch, see Understanding Management Interfaces.
Here’s how to configure Junos OS for the first time starting from the factory default configuration:
- Connect a laptop or PC to the device's console port.
- Power on the device and wait for it to boot.
Junos OS boots automatically. You’ll know the boot process is complete when you see the login: prompt on the screen.
- Log in as the user root.
Initially, you won't need a password for the root user account. When you're the root user, the prompt on the device shows the username root@#.
- Type cli to start the Junos
OS command-line interface (CLI).root@# cliroot@>
- Type configure to access configuration
mode:cli> configure[edit]root@#
- Configure the hostname of the device.
We don’t recommend using spaces in the hostname.
[edit]root@# set system host-name hostname - Configure the device domain name.[edit]root@# set system domain-name domain-name
- Configure the IP address and prefix length for the device
management Ethernet interface.
The management Ethernet interface provides a separate out-of-band management network for the device.
[edit]root@# set interfaces management-interface unit 0 family inet address address/prefix-length - Configure a static (default) route for the management
interface. In most cases your router will need to reach destinations
that are not local to the management subnet. This route should point
to a gateway that is directly reachable over the management network. [edit]root@re0# set routing-options static route 0.0.0.0/0 next-hop address
- Configure the IP address of a backup or default network
device.
The backup device is only used when the routing protocol process (rpd) isn't running. This route is used on the primary routing engine during initial boot, and on the backup routing engine (which does not run rpd).
For devices with two routing engines, RE1 is the default backup routing engine and RE0 is the default primary routing engine. RE1 uses the backup device as a default gateway after the device boots. This enables you to access the backup routing engine. Choose a backup device that's directly connected to your device through the management interface. The default gateway is commonly used as the default backup device.
[edit]root@# set system backup-router address - Configure the IP address of a Domain Name System (DNS)
server.
The DNS server translates hostnames into IP addresses.
[edit]root@# set system name-server address - (Optional) Delete the factory default configuration commit.
Junos OS has a default factory configuration that automatically loads upon system startup. If you've made changes to the configuration, the default factory configuration will override your changes on system startup. To avoid this issue, delete the commit factory-settings statement at the [edit system] hierarchy level.
[edit]root@# delete system commit factory-settings - (Optional) Disable automatic software downloads.
By default, Junos OS will automatically download software upgrades using Zero Touch Provisioning (ZTP) when a device is booted. To disable this feature, delete the auto-image-upgrade statement under the [edit chassis] hierarchy level.
[edit]root@# delete chassis auto-image-upgrade - Set the root password.
The root password can be a plain-text password that the system will encrypt, a password that is already encrypted, or an SSH public key string.
To enter a plain-text password:
[edit]root@# set system root-authentication plain-text-passwordNew password: type passwordRetype new password: retype passwordTo enter a password that is already encrypted:
[edit]root@# set system root-authentication encrypted-password encrypted-passwordTo enter an SSH public key string:
[edit]root@# set system root-authentication ssh-rsa key
- Enable remote access using SSH.
By default the root user can only log in on the console port, and that root login is not permitted over Telnet connections. In this example we enable remote access for the root user using ssh.
[edit]root@re0# set system services ssh root-login allow - (Optional) Display the configuration
statements.[edit]root@ showsystem {host-name hostname;domain-name domain.name;backup-router address;root-authentication {(encrypted-password "password" | public-key);ssh-rsa "public-key";}name-server {address;}interfaces {fxp0 {unit 0 {family inet {address address ;}}}}}
On devices that use management Ethernet interface em0, you’ll see em0 in place of fxp0 in the show command output.
- (Optional) Disable DHCP.
DHCP services automate assigning network-parameters to network devices. The DHCP service process is enabled by default. To disable this feature, use the dhcp-service disable configuration statement at the [edit system processes] hierarchy level.
[edit]root@# set system processes dhcp-service disable - Commit the changes to activate the configuration on the
device:[edit]root@# commit
Once you commit the configuration, you’ll see the hostname you configured after the username in the CLI prompt, for example, user@hostname#.
The initial configuration is now complete.
- Exit from CLI configuration mode.[edit]root@hostname# exitroot@hostname>
Back Up the Configuration
After you commit the configuration and the new configuration is running successfully, run the request system snapshot command to back up the new software to the file system on your hard drive. If you don’t run the request system snapshot command, the configuration on the backup device will be out-of-sync with the configuration on the primary device. Depending on the device model, you may need to insert a supported USB storage device for the snapshot to succeed.