Srx650 Services Gateway Secure Cli Access Overview; Configuring Basic Settings For The Srx650 Services Gateway With The Cli Or The J-Web Interface - Juniper SRX650 Hardware Manual

Services gateway

Hide thumbs Also See for SRX650:

Hardware manual (182 pages)

Quick start (4 pages)

Installing (2 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

Table of Contents

Documentation

SRX650 Services Gateway Secure CLI Access Overview

Without SSL encryption, communication between your services gateway and the browser

is sent in the open and can be intercepted. We recommend that you enable HTTPS access

on your WAN interfaces.

On services gateways, HTTP access is enabled by default on the built-in management

interfaces. By default, HTTPS access is supported on any interface with an SSL server

certificate.

You can use the J-Web interface or the CLI to configure secure Web access.

Before you configure secure Web access for the first time, you must complete the following

tasks:

Establish basic connectivity.

Obtain an SSL certificate from a trusted signing authority.

For more details about configuring secure web access on your services gateway, see the

Initial Configuration for Security Devices

SRX650 Services Gateway Software Configuration Overview on page 97

Performing Initial Software Configuration on the SRX650 Services Gateway Using the

Setup Wizard

Configuring Basic Settings for the SRX650 Services Gateway with the CLI or the J-Web

Interface on page 113

Telnet allows you to connect to the SRX650 Services Gateway and access the CLI to

execute commands from a remote system. Telnet connections are not encrypted and

therefore can be intercepted.

NOTE:

Telnet access to the root account is prohibited. You must use more

secure methods, such as SSH, to log in as

SSH provides the following features:

Allows you to connect to the services gateway and to access the CLI to execute

commands from a remote system

Unlike Telnet, encrypts traffic so that it cannot be intercepted

Can be configured so that connections are authenticated by a digital certificate

Uses public–private key technology for both connection and authentication

The SSH client software must be installed on the machine where the client application

runs. If the SSH private key is encrypted (for greater security), the SSH client must be

able to access the passphrase used to decrypt the key.

Chapter 19: Performing Initial Configuration

root

103

Table of Contents

Chapters

Table of Contents

Srx650 Services Gateway Secure Cli Access Overview; Configuring Basic Settings For The Srx650 Services Gateway With The Cli Or The J-Web Interface - Juniper SRX650 Hardware Manual

SRX650 Services Gateway Secure CLI Access Overview

Chapters

Troubleshooting

Related Manuals for Juniper SRX650

Related Content for Juniper SRX650

Table of Contents