Professional Documents
Culture Documents
You can apply configuration groups to a JUNOS cluster object just as you can to a standalone JUNOS
device. See Using Configuration Groups .You can cluster J Series routers or SRX Series gateways. You
cannot cluster EX Series
devices, M Series devices, or MX Series devices.You can include configuration groups within templates
when configuring cluster objects.Exactly the same rules apply as when configuring a standalone device.
See Using
Configuration Groups with Templates.
list.
The Apply/Exclude Config Groups dialog appears with the configuration group named node already
highlighted in the Available Config Groups list.
7. Click the Add icon above the Applied Config Groups list (and not the Add button).
The ${node} is automatically expanded by NSM to create and apply configuration groups node0 and
node1 to each member node.
9. Click OK to apply the configuration group.
If you later need to edit the local data for a cluster member, you do so by editing the configuration group
for that member.
Configuration
Features configured in these special Routing Engine configuration groups appear only in the Routing
Engine configuration to which they were applied. They do not appear in the global configuration,
regardless of which Routing Engine is the master. All other configuration groups applied to the device
apply to the global configuration and
not to individual Routing Engines.
exist, click the Add icon, name the new configuration group re0, and then save it.
5. In the navigation tree for re0, select System.
6. In the Host Name field, assign a name to the Routing Engine, for example, Dual-RE-re0.
7. Click OK twice.
2. In the Device Tree, double-click the JUNOS router with redundant Routing Engines.
3. In the Info tab of the device editor, select Routing Engine Configuration.
Engine.
5. In the navigation tree, select System. The configured Routing Engine name appears in the Host Name
field.
1-
23-
Click the + icon and select Device to display the Add Device wizard.
Select Device Is Reachable (default) and click Next to display the page where you configure connection
settings.
4-
In the Specify Connection Settings dialog box, enter the following connection information:
-
Enter admin for the username of the device admin user : admin
Enter the password for the device admin user. You set the password for admin when you ran the ACM Wizard
: $admin_pwd$
Enter the password for the device root user. You set the password for root when you ran the
ACM Wizard: $root_pwd$
Click Next.
The Wizard displays a page where you can verify the integrity of the connection between the IDP Series appliance and
NSM as shown in the figure below. Please wait a moment as the NSM retrieves SSH key fingerprint information from
the IDP Series appliance.
Figure 3 : NSM Add Device Wizard: SSH Key Fingerprint Information
5-
Log into the IDP OS command-line interface and verify the SSH key fingerprint.Comparing the
SSH key fingerprint information enables you to detect man-in-the-middle attacks:
Use
If
you prefer, make a connection through the serial port and log in as root.
b. Enter
cd /etc/ssh.
c. Enter
ssh-keygen -l -f ssh_host_dsa_key.
6-
Verify that the device type, OS version, device serial number, and device mode are correct.
7-
Click Next to add the device to NSM. Upon success, NSM displays the following message:
Figure 5 : NSM Add Device Wizard: Add Device Confirmation
8-
Click Next to import the configuration from the IDP Series device. Upon success, NSM displays the following
message:
Figure 6 : NSM Add Device Wizard: Configuration Import Confirmation
9-
Click Finish.
10- After the job is complete, double-click the device in Device Manager to view the imported
configuration.
To check the device configuration status, mouse over the device and verify that the device status displays
Managed.
Enter the cluster-level information into the New Cluster dialog box as shown in Figure 161
below:
Click OK.
The new cluster appears in the Device Manager.
1. On the device itself, configure the cluster member device with logon credentials for the NSM
administrator.
2. Add the cluster member in NSM:
a. In the Device Manager, right-click on the SA-Cluster icon and select New >Cluster Member
from the list.
b. In the New Cluster Member dialog box, enter a name and color for the cluster member and select
Device Is Not Reachable.
c. Click Next. The Specify OS Name, Version, and Platform screen appears.
d. Specify an IP address for the NSM Device Manager server, or accept the default, and then click
Next.
e. Make a note of the Unique External ID automatically displayed by NSM. The device administrator
will need it later to connect the device to NSM.
f. Enter the NSM username and password configured on the device.
g. Enter a first-connection one-time password, and make a note of it. The device administrator will
need it to connect the device to NSM.
h. Check the Keep Adding Cluster Members box to add another cluster member.
The Finish button changes to the Next button.
i. Click Next and repeat the process for the second cluster member. When you have finished adding
cluster members, leave the Keep Adding Cluster Members box empty and click Finish.
3. Configure and activate connectivity on each cluster member by performing the following steps
on each cluster member:
a. Open the System > Configuration > NSM Agent screen to add the NSM management
application.
b. In the Primary Server field, enter the IP address of the Device Server.
c. In the Primary Port field, enter 7804.
d. Fill out the Backup Server and Backup Port fields if a high availability Device Server is configured.
e. In the Device ID field, enter the unique external ID provided by the NSM administrator.
f. In the HMAC field, enter the one-time password, also provided by the NSM administrator.
g. Click the Enable button to enable the NSM agent.
h. Click Save Changes.
The device software initiates the TCP connection to NSM and identifies itself
using the specified device ID and HMAC. The two sides then engage in SSH transport layer
interactions to set up an encrypted tunnel, and NSM authenticates itself to the device based on
user name and password.
4. Confirm Connectivity in NSM.
Verify that the connection status of the cluster member in the Device List is Up.