Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Archive] How To: Restrict Admin Access

0

0

Article ID: KB6889 KB Last Updated: 31 May 2012Version: 4.0
Summary:
How To: Restrict Admin Access
Symptoms:
Telnet Access console root admin
Solution:

There are three different methods to restrict Administration to the NetScreen device.' 

1) A NetScreen device can be administered from one or multiple addresses of a subnet.' ' '  To restrict access to specific workstations, configure a management client ip address(es).

For example. to limit administration to the ip address of 172.16.40.42 enter the following CLI command:

set admin manager-ip 172.16.40.42/32 [Enter]

2) The NetScreen can be configured to limit the Root Admin access through the console only.'  This restriction requires the root admin to have physical access to the device in order to log in,' thus preventing unauthorized users from logging in remotely.'  After this restriction is set, this device denies' root admin access through any other means (such as WebUI, Telnet, or SSH).' ' '  To restrict the access of root admin to the console only, enter the following command (this can only be' set through the CLI):

set admin root access console [Enter]

3) The root admin can specify the following command to require a VPN for admins that access the NetScreen device through a Telnet connection:

set admin telnet access tunnel [Enter]


Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search