Friday, February 1, 2013

Chapter 15 - Junos Pulse Chassis Management

Junos Pulse Chassis Management

So


The CMC Chassis Management is the top left corner.
It allows you to manage the Chassis itself.

This is available on the 6610 and 6611
Runs Junos OS.
Gives you a Visual representation of the Chassis.



Nice,
It says SA for Secure Access
and IC for UAC
SSO for all the modules.

Configuration 
You need to console in
Run the EZsetup wizard
System Hostname    CM2
Root password
Enable Telnet
Enable SSH   [yes]
configure management EM0.0
IP
Subnet
Gateway
Configure SNMP   [yes]
Contact information for the administrator
community name for the SNMP
Physical location   optional
System time and date
Time zone [yes]   you will select it from the list.

YES  will configure the settings you have done.

OK from the device
root@CM2 >  request security pki generate-key-pair certificate-id   local_cert
root@CM2 >  request security pki generate-certificate-request certificate-id   local_cert1 domain-name cm2.pulse.local subject 

 this will generate the certificate request which you can submit to the CA.

When you are done you can load the certificate to the CM-060 using FTP or SCP
load it to local storage
request security pki loacl-certificate load filename /var/tmp/cm.2.cer  certificate-id local_cert1

 edit  goes into configure mode
#set system services web-managemenet https port 443 interface em0.0 pki-local-certificate LOCAL_CERT1


So we generated a key-pair
generated a certificate request based on the pair.
Sent this to a server and got back a file answer.
Uploaded this file to the CMC using FTP SCP
Then we loaded it up to device from a our upload location
Then associated it with HTTPS so this will enable https with the certificate on the interface.

Only the management port supports SSO
Clocks must be synchronized to 5minutes or less.
Add the certiifcate to the Auth Servers on the Service modules.

To configure SSO You need to configure the address.
Configure > System proerties > Blade Single Sign On
then change the FPC for each blade.

On each SM you need to import the same certificate you got on the CMC.
- System  > Auth Servers          Chassis Auth Server
upload certificate

Click to launch SSO and you will be in the device of your choice.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)