Here is sample SNMPv2 and SNMPv3 configuration in Juniper routers. It also detailed on configuring SNMP trap for your Network Monitoring System(NMS). SNMPv2c community: snmpcomm123 management IP address: 192.168.10.100 SNMP Polling Server: 192.168.20.199 SNMP Trap Server: 192.168.20.200 Configuration: set snmp name JUNIPER-SNMP set snmp description “Juniper SNMP” set snmp location Datacentre set snmp community snmp routing-instance mgmt_junos set snmp community snmpcomm123 clients 192.168.10.100/32 Traps Configuration: set snmp trap-options source-address 192.168.10.100 set snmp trap-options agent-address outgoing-interface set snmp trap-group SNMPGROUP version…
Free Network Posts
In related to configuring management interface in Juniper, NTP traffic should go via the management port and not through the data ports. Pre-requisite configuration can be found here: https://freenetworktutorials.com/configuring-management-interface-in-juniper-routers/ NTP Server1: 192.168.10.101 NTP Server1: 192.168.10.102 Configuration: set system ntp server 192.168.10.101 routing-instance mgmt_junos set system ntp server 192.168.10.102 routing-instance mgmt_junos set system ntp source-address 172.16.0.100 routing-instance mgmt_junos where: 172.16.0.100 is your management (em0) interface IP Sample Firewall configuration: set firewall family inet filter FIREWALL-RE term NTP-PERMIT from source-prefix-list NTP-LIST set…
One of the best security practices in networking is separation of management traffic and data/control traffic. One way to achieve this is to use the management ports of Juniper devices to physically connect it preferably to different network. The management Ethernet interface is usually em0 or fxp0 in Juniper, and provides out-of-band(OOB)management network of the device. Assuming UTP cables are already connected to both management ports of both routing engine (RE) of the Juniper devices, here are the steps to…
As per Cisco official site definition of FPD: An FPD refers to any programmable hardware device on a router, which includes a Field Programmable Gate Array (FPGA) and Read Only Memory Monitor (ROMMON). Cisco IOS® XR routers use a number of FPDs that are crucial for the function of route processors, line cards, shared port adapters (SPAs), SPA Interface Processors (SIPs), and fan trays.Sample of upgrading fpd in ASR9000 running in IOS-XR. Linecard used is 24x10GE Tomahawk linecard.A. Check first…
SSH Configuration Examples in Cisco (IOS,IOS-XE,NX-OS,IOS-XR) Here are the configuration examples: whereas: 192.168.100.100 = Jumphost IP (Allowed IP to SSH into the device)Prerequisites in configuring SSH for Cisco devices include SSH key generation, please refer to Cisco Official Documentation. command: crypto key generate rsaPreferably, RSA key bits at least 2048, else use 1024 for better securityIOS: ip ssh version 2 line vty 0 4 access-class 101 in exec-timeout 5 0 password 7 01234ABC login authentication VTY transport input ssh access-list…
Configuring Cisco to authenticate (also including authorization and accounting) to Tacacs+ server 10.10.10.10 – Tacacs+ AAA server IOS: aaa authentication login VTY group tacacs+ line aaa authentication enable default group tacacs+ enable aaa authorization commands 1 default group tacacs+ none aaa authorization commands 15 default group tacacs+ none aaa accounting exec default start-stop group tacacs+ aaa accounting commands 1 default start-stop group tacacs+ aaa accounting commands 15 default start-stop group tacacs+ tacacs-server host 10.10.10.10 single-connection tacacs-server key 7 1234567890 ip…
Static Route Configuration Examples in Cisco (IOS-XR) for BGP aggregated prefix advertisements In order to advertise the aggregated routes (and default routes) via BGP, it should exists in the routing table, that’s the #1 rule. If these summarized routes (/16) are not existing and only smaller subnets are learned via the IGP(e.g. OSPF,IS-IS), then configure static route and next hop e.g. Null0. Configuration: router static address-family ipv4 unicast 0.0.0.0/0 Null0 172.16.0.0/16 Null0 address-family ipv6 unicast ::/0 Null0 fd41:c8be:2153:f400::/64 Null0 In…
Originating BGP advertisement can be configured to any iBGP peer router. Here’s the sample configuration of originating BGP routes and community tagging in Cisco Assuming these are the summarized prefixes that you want to advertise via BGP. 111.111.0.0/16 222.222.0.0/16 Configuration: Configure the prefix-set prefix-set SITE1 111.111.0.0/16, 222.222.0.0/16 end-set 2. Configure the community route-policy bgp-statement if destination in SITE1 then set community (12345:111) endif end-policy 3. Configure BGP router bgp 11111 nsr bgp router-id 1.1.1.1 bgp graceful-restart address-family ipv4 unicast network…
If you keep getting this error when generating key as license for running IOL or IOS On Linux, (also called IOU or IOS On Unix) in EVE-NG darwin@eve-ng:/$ cd /opt/unetlab/addons/iol/bin darwin@eve-ng:/opt/unetlab/addons/iol/bin$ python keygen.py ********************************************************************* Cisco IOU License Generator – Kal 2011, python port of 2006 C version hostid=bada0c0f, hostname=eve-ng, ioukey=bada0e51 Traceback (most recent call last): File “./keygen.py”, line 18, in <module> md5input=iouPad1 + iouPad2 + struct.pack(‘!i’, ioukey) + iouPad1 struct.error: ‘i’ format requires -2147483648 <= number <= 2147483647 Step 1:…
This can be done by increasing metric @OSPF Set the max-metric in OSPF and OSPFv3 in IOS-XR devices: RP/0/RSP0/CPU0:IOS-XR(config)# router ospf 65555 max-metric router-lsa external-lsa router ospfv3 65555 stub-router router-lsa v6-bit always Save the changes: commit RP/0/RSP0/CPU0:IOS-XR(config)#commit Verify: show ospf database @ISIS Increase ISIS metric router isis XXXX set-overload-bit Save the changes: commit RP/0/RSP0/CPU0:IOS-XR(config)#commit Verify: show isis database
4 Comments