Time zone, Login Banner and CLI idle timeout on Juniper Junos

In this new lesson, I will explain and explain the following 3 topics:

  • Time Zone
  • Login Banner
  • CLI idle timeout

Let’s begin with the Time Zone. It is very important that you set a time zone for your router which is the country where you are based so the router has the right clock. I can’t stress how important to have the clock set correctly on the router especially when you need to track some logs on the router for troubleshooting (logs will show the date/time when this event has happened).

 

Setting the time zone is straight forward on the Junos device:

root@R1# set system time-zone ?

Possible completions:

Time zone name or POSIX-compliant time zone string

Africa/Abidjan

Africa/Accra

Africa/Addis_Ababa

Africa/Algiers

Africa/Asmera

Africa/Bamako

Africa/Bangui

Africa/Banjul

Africa/Bissau

Africa/Blantyre

Africa/Brazzaville

Africa/Bujumbura

Africa/Cairo

Africa/Casablanca

Africa/Ceuta

Africa/Conakry

Africa/Dakar

Africa/Dar_es_Salaam

Africa/Djibouti

Africa/Douala

Africa/El_Aaiun

—(more 5%)—

Here I am showing only the 1st page of this command. In my case, I am based in The Netherlands so I will search for the right time zone for the Netherlands – I will scroll with the pages until I find it:

Europe/Amsterdam

Europe/Andorra

Europe/Athens

Europe/Belfast

Europe/Belgrade

Europe/Berlin

Europe/Bratislava

Europe/Brussels

Europe/Bucharest

Europe/Budapest

Europe/Chisinau

—(more 70%)—

Here it is, so let’s complete the command now:

root@R1# set system time-zone Europe/Amsterdam

[edit]

root@R1# commit

commit complete

[edit]

root@R1#

It has been applied successfully. Now let’s check if the Juniper router has the time zone of the Netherlands:

root@R1# show system time-zone

time-zone Europe/Amsterdam;

[edit]

root@R1#

Excellent, now I know that my router has the right time zone on it.

The next topic that I want to explain in this lesson is the login banner. With login banner, you provide a banner to any user who is trying to login to the router. This can help to notify unauthorized people that they shouldn’t log in to the router for example.

Let me show you how you can configure it:

root@R1# set system login message “Welcome. If you are not authorized to login, please leave immediately”

[edit]

root@R1# commit

commit complete

[edit]

root@R1#

This has been saved successfully, I will exit back to see if this message will show up for me:

root@R1# exit

Exiting configuration mode

root@R1> exit

root@% exit

logout

Welcome. If you are not authorized to login, please leave immediately

R1 (ttyd0)

login:

Indeed – the login message has shown to me 😊

And finally, I will speak about the CLI idle timeout. This will allow the Juniper router to logout and close the session in case the console is idle for number of minutes that you precise. In case you put 0 minute, this means that the CLI will never exit.

The CLI idle timeout is handy when for example you are working on the CLI and you had to quit to make a cup of coffee 😊, then the session will close to not allow anyone to take control of your router and check/modify the configuration while you are not present.

 

To configure it, you have to be on the operational mode as the following:

root@R1> set cli ?

Possible completions:

complete-on-space    Set whether typing space completes current word

directory                   Set working directory

idle-timeout              Set maximum idle time before login session ends

logical-system          Set default logical system

prompt                      Set CLI command prompt string

restart-on-upgrade   Set whether CLI prompts to restart after software upgrade

screen-length           Set number of lines on screen

screen-width            Set number of characters on a line

terminal                   Set terminal type

timestamp               Timestamp CLI output

So you have to chose “idle-timeout” completion command and set the number of minutes. I will put it for 1 minute and see if after 1 min of inactivity it will log me out:

root@R1> set cli idle-timeout 1

Idle timeout set to 1 minute

Now the 1 minute has been finished, let me check my console session if it has logged out:

Idle timeout exceeded: closing session

root@R1%

Indeed, this has worked perfectly. It had also warned me that there are still 10 second before it logged me out and when I did not do anything it logged me out.

This is all what I wanted to show you in this lesson, hope you enjoyed it and see you in the upcoming one 😊

Course Content

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.

About