In this new lesson, I will explain and explain the following 3 topics:
- Time Zone
- Login Banner
- CLI idle timeout
Let’s begin with the Time Zone. It is very important that you set a time zone for your router which is the country where you are based so the router has the right clock. I can’t stress how important to have the clock set correctly on the router especially when you need to track some logs on the router for troubleshooting (logs will show the date/time when this event has happened).
Setting the time zone is straight forward on the Junos device:
root@R1# set system time-zone ?
Possible completions:
Time zone name or POSIX-compliant time zone string
Africa/Abidjan
Africa/Accra
Africa/Addis_Ababa
Africa/Algiers
Africa/Asmera
Africa/Bamako
Africa/Bangui
Africa/Banjul
Africa/Bissau
Africa/Blantyre
Africa/Brazzaville
Africa/Bujumbura
Africa/Cairo
Africa/Casablanca
Africa/Ceuta
Africa/Conakry
Africa/Dakar
Africa/Dar_es_Salaam
Africa/Djibouti
Africa/Douala
Africa/El_Aaiun
—(more 5%)—
Here I am showing only the 1st page of this command. In my case, I am based in The Netherlands so I will search for the right time zone for the Netherlands – I will scroll with the pages until I find it:
Europe/Amsterdam
Europe/Andorra
Europe/Athens
Europe/Belfast
Europe/Belgrade
Europe/Berlin
Europe/Bratislava
Europe/Brussels
Europe/Bucharest
Europe/Budapest
Europe/Chisinau
—(more 70%)—
Here it is, so let’s complete the command now:
root@R1# set system time-zone Europe/Amsterdam
[edit]
root@R1# commit
commit complete
[edit]
root@R1#
It has been applied successfully. Now let’s check if the Juniper router has the time zone of the Netherlands:
root@R1# show system time-zone
time-zone Europe/Amsterdam;
[edit]
root@R1#
Excellent, now I know that my router has the right time zone on it.
The next topic that I want to explain in this lesson is the login banner. With login banner, you provide a banner to any user who is trying to login to the router. This can help to notify unauthorized people that they shouldn’t log in to the router for example.
Let me show you how you can configure it:
root@R1# set system login message “Welcome. If you are not authorized to login, please leave immediately”
[edit]
root@R1# commit
commit complete
[edit]
root@R1#
This has been saved successfully, I will exit back to see if this message will show up for me:
root@R1# exit
Exiting configuration mode
root@R1> exit
root@% exit
logout
Welcome. If you are not authorized to login, please leave immediately
R1 (ttyd0)
login:
Indeed – the login message has shown to me 😊
And finally, I will speak about the CLI idle timeout. This will allow the Juniper router to logout and close the session in case the console is idle for number of minutes that you precise. In case you put 0 minute, this means that the CLI will never exit.
The CLI idle timeout is handy when for example you are working on the CLI and you had to quit to make a cup of coffee 😊, then the session will close to not allow anyone to take control of your router and check/modify the configuration while you are not present.
To configure it, you have to be on the operational mode as the following:
root@R1> set cli ?
Possible completions:
complete-on-space Set whether typing space completes current word
directory Set working directory
idle-timeout Set maximum idle time before login session ends
logical-system Set default logical system
prompt Set CLI command prompt string
restart-on-upgrade Set whether CLI prompts to restart after software upgrade
screen-length Set number of lines on screen
screen-width Set number of characters on a line
terminal Set terminal type
timestamp Timestamp CLI output
So you have to chose “idle-timeout” completion command and set the number of minutes. I will put it for 1 minute and see if after 1 min of inactivity it will log me out:
root@R1> set cli idle-timeout 1
Idle timeout set to 1 minute
Now the 1 minute has been finished, let me check my console session if it has logged out:
Idle timeout exceeded: closing session
root@R1%
Indeed, this has worked perfectly. It had also warned me that there are still 10 second before it logged me out and when I did not do anything it logged me out.
This is all what I wanted to show you in this lesson, hope you enjoyed it and see you in the upcoming one 😊
0 Comments