The goal of this chapter is to secure the network in Figure 6-2, which consists of three routers—
Bock—that are running Open Shortest
Path First (OSPF) as the Interior Gateway Protocol (IGP).
PBR connects to multiple Internet service
providers (ISPs) via the Border Gateway Protocol (BGP). Various types of
traffic are sent and received from the two ISPs, including web browsing,
email, and a variety of remote accounting and engineering applications.
The first step will be to secure access to
Bock so that only authorized users have
access to each router.
Figure 6-2. Network topology
There are two types of users on a Juniper Networks router—a
nonroot user and a root user, both of which must be secured. Recall that
user root is the only user who is predefined by default, accessible only
via the console port without any default password. You must set a root
password before the router will allow you to commit the configuration.
To set up a root password, issue to the user the
root-authentication keyword under the
[edit system] level:
set system root-authentication ?Possible completions: + apply-groups Groups from which to inherit configuration data + apply-groups-except Don't inherit configuration data from these groups encrypted-password Encrypted password string load-key-file File (URL) containing one or ...