Re: [j-nsp] NTP Reflection

2014-01-14 Thread Nitzan Tzelniker
There is a very detailed day one book Securing the Routing Engine on M, MX, and T Series http://www.juniper.net/us/en/community/junos/training-certification/day-one/fundamentals-series/securing-routing-engine/ Nitzan On Tue, Jan 14, 2014 at 8:07 PM, joel jaeggli wrote: > On 1/13/14, 8:10 PM,

Re: [j-nsp] NTP Reflection

2014-01-14 Thread Chad Myers
Loopback address isn't explicitly assigned to an interface. Assigning it resolves various issues. See http://forums.juniper.net/t5/Ethernet-Switching/NTP-Not-working/m-p/224757. set interfaces lo0.0 family inet address 127.0.0.1/32 As for NTP, and other stuff for the RE itself, I use same ap

Re: [j-nsp] NTP Reflection

2014-01-14 Thread joel jaeggli
On 1/13/14, 8:10 PM, Mark Tees wrote: > Thanks Ben I will review those links. > > I have the MX book and have read a decent portion of it. That's what I was > referring to. A quick glance shows some similar examples as to what was in > the MX book. Same author so it makes sense. RFC 6192 http://t

Re: [j-nsp] NTP Reflection

2014-01-14 Thread Saku Ytti
On (2014-01-14 14:36 +), Per Granath wrote: > # show firewall > firewall { >family inet { > filter protect_RE { > term NTP { > from { >source-prefix-list { > ntp-servers; > lo0.0-inet-address; > }

Re: [j-nsp] Thoroughly confused about matching forwarding class in firewall filters

2014-01-14 Thread John Neiberger
On Tue, Jan 14, 2014 at 1:31 AM, Mark Tinka wrote: > On Tuesday, January 14, 2014 12:39:34 AM John Neiberger > wrote: > >> It doesn't have a forwarding class named VOIP-BEARER at >> all. So, how in the world does matching on a forwarding >> class in a firewall filter work? How does the filter >> k

Re: [j-nsp] NTP Reflection

2014-01-14 Thread Chris Morrow
On 01/14/2014 09:19 AM, Chris Adams wrote: > Once upon a time, Olivier Benghozi said: >> Because if you don't do it, you'll obtain some nice "Server Timeout" if you >> want to issue a "show ntp status" or "show ntp associations". >> So: >> - Junos doesn't use 127.0.0.1 to locally communicate wi

Re: [j-nsp] NTP Reflection

2014-01-14 Thread Per Granath
# show policy-options policy-options { prefix-list lo0.0-inet-address { apply-path "interfaces lo0 unit 0 family inet address <*>"; } prefix-list ntp-servers { apply-path "system ntp server <*>"; } } # show firewall firewall { family inet { filter protect_RE {

Re: [j-nsp] NTP Reflection

2014-01-14 Thread Chris Adams
Once upon a time, Olivier Benghozi said: > Because if you don't do it, you'll obtain some nice "Server Timeout" if you > want to issue a "show ntp status" or "show ntp associations". > So: > - Junos doesn't use 127.0.0.1 to locally communicate with ntpd > - In your filters you're obliged to manual

Re: [j-nsp] batch on junos ?

2014-01-14 Thread Emmanuel Halbwachs
Hello, Mike Williams (Tue 2014-01-14 11:54:52 +) : > cat file | ssh -T router +1 Alternatively, you can use the 'jlogin' command from rancid (http://www.shrubbery.net/rancid/, packaged for all good Linux distributions and *BSD) : jlogin -x file router Before that, set up a '.cloginrc'

Re: [j-nsp] batch on junos ?

2014-01-14 Thread R S
I'm not so familiar with. Any example available ? Tks Date: Tue, 14 Jan 2014 11:19:40 + Subject: Re: [j-nsp] batch on junos ? From: m...@geordish.org To: dim0...@hotmail.com CC: juniper-nsp@puck.nether.net I believe this should be possible to do with Junoscript. Dave On 14 January 2014 1

Re: [j-nsp] batch on junos ?

2014-01-14 Thread Mike Williams
On Tuesday 14 January 2014 10:28:43 R S wrote: > Is there a way to run a sort of .bat on SRX junos ? > > I mean, to run a single command from cli to do some actions (set xxx/ set > yyy/ commit check / commit) ? > > This is useful to be run by NOC for scheduled action every day. > > Tks In a

Re: [j-nsp] NTP Reflection

2014-01-14 Thread Olivier Benghozi
But due to another ridiculous way of implementing that, the Juniper KB article suggests to also allow: ; and not only your favorite ntp servers... Because if you don't do it, you'll obtain some nice "Server Timeout" if you want to issue a "show ntp status" or "show ntp associations". So: - Junos

Re: [j-nsp] batch on junos ?

2014-01-14 Thread Dave Bell
I believe this should be possible to do with Junoscript. Dave On 14 January 2014 10:28, R S wrote: > Is there a way to run a sort of .bat on SRX junos ? > > I mean, to run a single command from cli to do some actions (set xxx/ set > yyy/ commit check / commit) ? > > This is useful to be run

Re: [j-nsp] batch on junos ?

2014-01-14 Thread Paul S.
On 1/14/2014 07:28 PM, R S wrote: Is there a way to run a sort of .bat on SRX junos ? I mean, to run a single command from cli to do some actions (set xxx/ set yyy/ commit check / commit) ? This is useful to be run by NOC for scheduled action every day. Tks

[j-nsp] batch on junos ?

2014-01-14 Thread R S
Is there a way to run a sort of .bat on SRX junos ? I mean, to run a single command from cli to do some actions (set xxx/ set yyy/ commit check / commit) ? This is useful to be run by NOC for scheduled action every day. Tks

Re: [j-nsp] NTP Reflection

2014-01-14 Thread Paul S.
On 1/14/2014 2:37 PM, Mark Tinka wrote: On Tuesday, January 14, 2014 03:54:29 AM John Kristoff wrote: IOS devices, at least those with which I'm familiar, don't implement the full specification that includes mode 6/7 functions so they can be somewhat less bad from an amplification perspective.

Re: [j-nsp] NTP Reflection

2014-01-14 Thread Mark Tinka
On Tuesday, January 14, 2014 03:54:29 AM John Kristoff wrote: > IOS devices, at least those with which I'm familiar, > don't implement the full specification that includes > mode 6/7 functions so they can be somewhat less bad from > an amplification perspective. We generally apply ACLs to Cisco

Re: [j-nsp] Thoroughly confused about matching forwarding class in firewall filters

2014-01-14 Thread Mark Tinka
On Tuesday, January 14, 2014 12:39:34 AM John Neiberger wrote: > It doesn't have a forwarding class named VOIP-BEARER at > all. So, how in the world does matching on a forwarding > class in a firewall filter work? How does the filter > know which forwarding class is being referenced if you > matc