Juniper SRX340 Hardware Manual
  1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Gateway
  5. SRX340
  6. Hardware manual
Juniper SRX340 Hardware Manual

Juniper SRX340 Hardware Manual

Services gateway
Hide thumbs Also See for SRX340:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Hardware Manual

Advertisement

Table of Contents
loading

Related Manuals for Juniper SRX340

Summary of Contents for Juniper SRX340

  • Page 3 SRX340 Services Gateway Hardware Guide Modified: 2016-10-28 Copyright © 2016, Juniper Networks, Inc.

  • Page 4: Port

    END USER LICENSE AGREEMENT The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with) Juniper Networks software. Use of such software is subject to the terms and conditions of the End User License Agreement (“EULA”) posted at http://www.juniper.net/support/eula.html.
  • Page 5 SRX340 Services Gateway Description ........3...
  • Page 6 Unpacking the SRX340 Services Gateway ......45 Unpacking the SRX340 Services Gateway ....... 45 Verifying Parts Received with the SRX340 Services Gateway .
  • Page 7 About the Guided Setup Mode ........69 Accessing the CLI on the SRX340 Services Gateway ..... . . 70 Connecting to the SRX340 Services Gateway from the CLI Remotely .
  • Page 8 Agency Approvals and Regulatory Compliance Information ... . 125 SRX340 Services Gateway Agency Approvals ......125 SRX340 Services Gateway Acoustic Noise Compliance Statements .
  • Page 9 Index ............131 Copyright © 2016, Juniper Networks, Inc.

  • Page 10: Gateway

    Agency Approvals and Regulatory Compliance Information SRX340 Services Gateway Agency Approvals on page 125 SRX340 Services Gateway Acoustic Noise Compliance Statements on page 126 SRX340 Services Gateway EMC Requirements on page 127 SRX340 Services Gateway Agency Approvals The services gateway complies with the following standards: Safety CAN/CSA-C22.2 No.60950-1 (2007) Information Technology Equipment...

  • Page 11: Gateway

    Reduction of Hazardous Substances (ROHS) 6 Telco Common Language Equipment Identifier (CLEI) code Related SRX340 Services Gateway Acoustic Noise Compliance Statements on page 126 Documentation SRX340 Services Gateway EMC Requirements on page 127 SRX340 Services Gateway Acoustic Noise Compliance Statements The maximum emitted sound pressure level is 70 dB(A) or less per EN ISO 7779.

  • Page 12: Gateway

    Chapter 29: Agency Approvals and Regulatory Compliance Information SRX340 Services Gateway EMC Requirements Canada This Class A digital apparatus complies with Canadian ICES-003. Cet appareil numérique de la classe A est conforme à la norme NMB-003 du Canada. European Community This is a Class A product.
  • Page 13 SRX340 Services Gateway Hardware Guide Related SRX340 Services Gateway Agency Approvals on page 125 Documentation SRX340 Services Gateway Acoustic Noise Compliance Statements on page 126 Copyright © 2016, Juniper Networks, Inc.
  • Page 14 • SRX340: Securely connecting midsize distributed enterprise branch offices, the SRX340 Services Gateway consolidates security, routing, switching, and WAN connectivity in a 1 U form factor. The SRX340 supports up to 3 Gbps firewall and 600 Mbps IPsec VPN in a single, consolidated, cost-effective networking and security platform.
  • Page 15 For the perimeter, the SRX300 line offers a comprehensive SRX300 services gateways run Juniper Networks Junos operating suite of application security services, threat defenses, and system, a proven, carrier-hardened network OS that powers intelligence services.
  • Page 16 • L2/L3 MPLS VPN, pseudowires • Persistent NAT • Virtual private LAN service (VPLS), next-generation • IPv6 address translation multicast VPN (NG-MVPN) • User role-based firewall • MPLS traffic engineering and MPLS fast reroute Available as part of Juniper Secure Edge (JSE) software package.
  • Page 17 RoHS 2 RoHS 2 RoHS 2 Available as part of Juniper Secure Edge (JSE) software package or advanced security subscription licenses. Offered as advanced security services subscription licenses. PoE ports on SRX320 available as a separate SKU SRX320-POE SRX320 non POE model...
  • Page 18 SRX300 Line of Services Gateways for the Branch Data Sheet Performance and Scale Parameter SRX300 SRX320 SRX340 SRX345 Routing with packet mode (64 B packet size) in Kpps Routing with packet mode (IMIX packet size) 1,600 2,300 in Mbps Routing with packet mode (1,518 B packet size)
  • Page 19 Copyright 2016 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos and QFabric are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners.
  • Page 20 ® Junos Standards Reference Modified: 2017-02-13 Copyright © 2017, Juniper Networks, Inc.
  • Page 21 END USER LICENSE AGREEMENT The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with) Juniper Networks software. Use of such software is subject to the terms and conditions of the End User License Agreement (“EULA”) posted at http://www.juniper.net/support/eula.html.
  • Page 22 Supported L2TP Standards ......... . . 30 Copyright © 2017, Juniper Networks, Inc.
  • Page 23 Supported VPLS Standards ......... . . 75 Copyright © 2017, Juniper Networks, Inc.
  • Page 24 RFC 2545, Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing RFC 2796, BGP Route Reflection – An Alternative to Full Mesh IBGP RFC 2858, Multiprotocol Extensions for BGP-4 RFC 2918, Route Refresh Capability for BGP-4 Copyright © 2017, Juniper Networks, Inc.

  • Page 25: Labels

    RFC 5492, Capabilities Advertisement with BGP-4 RFC 5575, Dissemination of flow specification rules RFC 5668, 4-Octet AS Specific BGP Extended Community RFC 6368, Internal BGP as the Provider/Customer Edge Protocol for BGP/MPLS IP Virtual Private Networks (VPNs) Copyright © 2017, Juniper Networks, Inc.
  • Page 26 RFC 2270, Using a Dedicated AS for Sites Homed to a Single Provider Internet draft draft-ietf-ngtrans-bgp-tunnel-04.txt, Connecting IPv6 Islands across IPv4 Clouds with BGP (expires July 2002) Related Supported IPv6 Standards on page 58 Documentation Accessing Standards Documents on the Internet on page 3 Copyright © 2017, Juniper Networks, Inc.
  • Page 27 RFC 6106, IPv6 Router Advertisement Options for DNS Configuration Related Supported IPv4, TCP, and UDP Standards on page 56 Documentation Supported IPv6 Standards on page 58 Accessing Standards Documents on the Internet on page 3 Copyright © 2017, Juniper Networks, Inc.
  • Page 28 The IETF classifies them variously as “Best Current Practice,” “Experimental,” or “Informational.” RFC 1075, Distance Vector Multicast Routing Protocol RFC 2362, Protocol Independent Multicast-Sparse Mode (PIM-SM): Protocol Specification Copyright © 2017, Juniper Networks, Inc.
  • Page 29 RFC 793, TRANSMISSION CONTROL PROTOCOL - DARPA INTERNET PROGRAM PROTOCOL SPECIFICATION RFC 826, Ethernet Address Resolution Protocol—or—Converting Network Protocol Addresses to 48.bit Ethernet Address for Transmission on Ethernet Hardware RFC 854, TELNET PROTOCOL SPECIFICATION RFC 855, TELNET OPTION SPECIFICATIONS Copyright © 2017, Juniper Networks, Inc.

  • Page 30: Gateway

    RFC 5798, Virtual Router Redundancy Protocol (VRRP) Version 3 for IPv4 and IPv6 RFC 6527, Definitions of Managed Objects for the Virtual Router Redundancy Protocol Version 3 (VRRPv3) The following features are not supported: Row creation operation MIB object vrrpv3StatisticsRowDiscontinuityTime MIB object vrrpv3StatisticsPacketLengthErrors Copyright © 2017, Juniper Networks, Inc.
  • Page 31 RFC 2545, Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing RFC 2578, Structure of Management Information Version 2 (SMIv2) RFC 2675, IPv6 Jumbograms RFC 2711, IPv6 Router Alert Option RFC 2740, OSPF for IPv6 (partial support for RFC 5340) Copyright © 2017, Juniper Networks, Inc.
  • Page 32 RFC 4293, Management Information Base for the Internet Protocol (IP) RFC 4294, IPv6 Node Requirements (Partial support) RFC 4443, Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification RFC 4552, Authentication/Confidentiality for OSPFv3 Copyright © 2017, Juniper Networks, Inc.
  • Page 33 Internet draft draft-ietf-l3vpn-bgp-ipv6-07.txt, BGP-MPLS IP VPN extension for IPv6 Internet draft draft-ietf-idr-flow-spec-00.txt, Dissemination of flow specification rules Internet draft draft-ietf-softwire-dual-stack-lite-04.txt, Dual-Stack Lite Broadband Deployments Following IPv4 Exhaustion Internet draft draft-kato-bgp-ipv6-link-local-00.txt, BGP4+ Peering Using IPv6 Link-local Address Copyright © 2017, Juniper Networks, Inc.
  • Page 34 RFC 5286, Basic Specification for IP Fast Reroute: Loop-Free Alternates RFC 5301, Dynamic Hostname Exchange Mechanism for IS-IS RFC 5302, Domain-Wide Prefix Distribution with Two-Level IS-IS RFC 5303, Three-Way Handshake for IS-IS Point-to-Point Adjacencies RFC 5304, IS-IS Cryptographic Authentication Copyright © 2017, Juniper Networks, Inc.
  • Page 35 OSPF and OSPF version 3 (OSPFv3). RFC 1583, OSPF Version 2 RFC 1765, OSPF Database Overflow RFC 1793, Extending OSPF to Support Demand Circuits RFC 1850, OSPF Version 2 Management Information Base Copyright © 2017, Juniper Networks, Inc.
  • Page 36 RFC 5187, OSPFv3 Graceful Restart RFC 5250, The OSPF Opaque LSA Option NOTE: RFC 4750, mentioned in this RFC as a "should" requirement is not supported. However, RFC 1850, the predecessor to RFC 4750 is supported. Copyright © 2017, Juniper Networks, Inc.
  • Page 37 The IETF classifies it as “Informational.” RFC 2081, RIPng Protocol Applicability Statement Related Supported IPv4, TCP, and UDP Standards on page 56 Documentation Supported IPv6 Standards on page 58 Accessing Standards Documents on the Internet on page 3 Copyright © 2017, Juniper Networks, Inc.
  • Page 38 ® Junos Network Management Administration Guide Modified: 2017-03-24 Copyright © 2017, Juniper Networks, Inc.

  • Page 39: United States

    END USER LICENSE AGREEMENT The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with) Juniper Networks software. Use of such software is subject to the terms and conditions of the End User License Agreement (“EULA”) posted at http://www.juniper.net/support/eula.html.

  • Page 40: Table Of Contents

    Enterprise-Specific SNMP Traps Supported by Junos OS ....64 Juniper Networks Enterprise-Specific SNMP Version 1 Traps ... . . 64 Juniper Networks Enterprise-Specific SNMP Version 2 Traps .
  • Page 41 Configuring the Local Engine ID ........126 Copyright © 2017, Juniper Networks, Inc.
  • Page 42 Example: Configuring the Remote Engine ID and Remote User ....151 Configuring the Inform Notification Type and Target Address ....154 Copyright © 2017, Juniper Networks, Inc.

  • Page 43: About The Documentation

    ® To obtain the most current version of all Juniper Networks technical documentation, see the product documentation page on the Juniper Networks website at http://www.juniper.net/techpubs/ If the information in the latest release notes differs from the information in the documentation, follow the product Release Notes.

  • Page 44: Snmp Overview

    SNMP traps. A typical SNMP implementation includes three components: Managed device SNMP agent Network management system (NMS) Copyright © 2017, Juniper Networks, Inc.
  • Page 45 “Configuring SNMP on Devices Running Junos OS” on page The SNMP implementation in Junos OS uses both standard (developed by the IETF and documented in RFCs) and enterprise-specific (developed and supported by specific vendors) MIBs. Copyright © 2017, Juniper Networks, Inc.
  • Page 46 Subsequent attempts occur at progressive intervals of 1 minute, 2 minutes, 4 minutes, and 8 minutes. The maximum delay between the attempts is 8 minutes, and the maximum number of Copyright © 2017, Juniper Networks, Inc.

  • Page 47: Snmpv3 Overview

    USM protects against message delays and message replays by using time indicators and request IDs. Encryption is also available. Copyright © 2017, Juniper Networks, Inc.
  • Page 48 Defining Access Privileges for an SNMP Group on page 132 Configuring SNMPv3 Traps on a Device Running Junos OS on page 139 Configuring SNMP Informs on page 149 Related Minimum SNMPv3 Configuration on a Device Running Junos OS on page 122 Documentation Copyright © 2017, Juniper Networks, Inc.

  • Page 49: Snmp Mibs And Traps Supported By Junos Os

    Provides support for monitoring firewall SRX Series and vSRX authentication, including data about the users trying to access firewall-protected resources and the firewall authentication service itself. Alarm MIB Provides information about alarms from All platforms the router chassis. Copyright © 2017, Juniper Networks, Inc.

  • Page 50: Standard Snmp Version 2 Traps

    For more information about system log messages, see System Log Messages Configuration Guide. Table 10: Standard Supported SNMP Version 2 Traps System Logging Severity Defined in Trap Name snmpTrapOID Level Syslog Tag Supported On Startup Notifications Copyright © 2017, Juniper Networks, Inc.
  • Page 51 1.3.6.1.2.1.81.0.3 Info SNMP_TRAP_TRACE_ All devices running traceRouteTestCompleted ROUTE_TEST_ Junos OS. COMPLETED RMON Alarms RFC 2819a, RMON 1.3.6.1.2.1.16.0.1 – – All devices running fallingAlarm Junos OS. risingAlarm 1.3.6.1.2.1.16.0.2 – – All devices running Junos OS. Copyright © 2017, Juniper Networks, Inc.
  • Page 52 – All devices running ospfTxRetransmit Junos OS. 1.3.6.1.2.1.14.16.2.11 – – All devices running ospfVirtIfTxRetransmit Junos OS. 1.3.6.1.2.1.14.16.2.13 – – All devices running ospfMaxAgeLsa Junos OS. ospfIfStateChange 1.3.6.1.2.1.14.16.2.16 – – All devices running Junos OS. Copyright © 2017, Juniper Networks, Inc.
  • Page 53 RFC 2787, vrrpTrapNewMaster 1.3.6.1.2.1.68.0.1 Warning VRRPD_ All devices running Definitions of NEWMASTER_ TRAP Junos OS. Managed Objects for the Virtual 1.3.6.1.2.1.68.0.2 Warning VRRPD_AUTH_ All devices running vrrpTrapAuthFailure Router FAILURE_ TRAP Junos OS. Redundancy Protocol Copyright © 2017, Juniper Networks, Inc.

  • Page 54: Enterprise-Specific Snmp Traps Supported By Junos Os

    MX Series PTX Series T Series This topic provides the list of Juniper Networks enterprise-specific SNMPv1and SNMPv2 traps supported on devices running Junos OS. For more information about traps see SNMP MIB Explorer Juniper Networks Enterprise-Specific SNMP Version 1 Traps on page 64...

Table of Contents