Introduction
This chapter explains how to use the Juniper ATP Appliance command line interface (CLI) to configure and administer a Juniper ATP Appliance.
This chapter contains the following sections:
Accessing the CLI
Hardware Appliance CLI Access via Keyboard and Monitor
Connect the end of the keyboard cable to any of the USB ports on the back panel of the appliance.
Connect the end of the video monitor cable to the VGA port on the back panel of the appliance.
At the CLI prompt, enter your username and password. By default, the admin user name is admin and the password is 1JATP234.
Be sure to change the default password for the admin account after initial setup; the password must be at least 8 characters in length.
To launch the configuration wizard, enter the command
wizard.
Configuration Wizard Command Prompt Progressions
Enter CTRL-C to exit the Configuration Wizard at any time. If you exit without completing the configuration, you will be prompted again whether to run the Configuration Wizard.
You may also rerun the Configuration Wizard at any time with the CLI command wizard.
Configuration Wizard Prompts |
Customer Response from All-in-One |
Customer Response from Core or Mac Mini |
Customer Response from Collector |
Use DHCP to obtain the IP address and DNS server address for the administrative interface (Yes/No)? Note:
Only if your DHCP response is no,enter the following information when prompted:
Restart the administrative interface (Yes/No)? |
We strongly discourage the use of DHCP addressing because it changes dynamically. A static IP address is preferred. Recommended: Respond with no:
Enter yes to restart with the new configuration settings applied. |
We strongly discourage the use of DHCP addressing because it changes dynamically. A static IP address is preferred. Recommended: Respond with no:
Enter yes to restart with the new configuration settings applied. |
We strongly discourage the use of DHCP addressing because it changes dynamically. A static IP address is preferred. Recommended: Respond with no:
Enter yes to restart with the new configuration settings applied. |
Enter a valid hostname (enter a unique name) Note:
Only alpha-numeric characters and hyphens (in the middle of the hostname) are allowed. |
Type a hostname when prompted; do not include the domain; for example: juniperatp1 |
Type a hostname when prompted; do not include the domain; for example: juniperatp1 |
Type a hostname when prompted; do not include the domain; for example: juniperatp1 |
[OPTIONAL] If the system detects a Secondary Core with an eth3 port, then the alternate CnC exhaust option is displayed: Use alternate-exhaust for the analysis engine exhaust traffic (Yes/No)? Enter IP address for the alternate-exhaust (eth2) interface: Enter netmask for the alternate-exhaust (eth2) interface: (example: 255.255.0.0) Enter gateway IP Address for the alternate-exhaust (eth2) interface: (example:10.6.0.1) Enter primary DNS server IP Address for the alternateexhaust (eth2) interface: (example: 8.8.8.8) Do you have a secondary DNS server for the alternate-exhaust (eth2) interface? Do you want to enter the search domains for the alternateexhaust (eth2) interface? Note:
A complete network interface restart can take more than 60 seconds |
Refer to “Configuring an Alternate Analysis Engine Interface” in the Juniper ATP Appliance Operator’s Guide for more information. Enter yes to configure an alternate eth2 interface. Enter the IP address for the eth2 interface. Enter the eth2 netmask. Enter the gateway IP address. Enter the primary DNS server IP Address for the alternate-exhaust (eth2) interface. Enter yes or no to confirm or deny an eth2 secondary DNS server. Enter yes or no to indicate whether you want to enter search domain. |
Refer to “Configuring an Alternate Analysis Engine Interface” in the Juniper ATP Appliance Operator’s Guide for more information. Enter yes to configure an alternate eth2 interface. Enter the IP address for the eth2 interface. Enter the eth2 netmask. Enter the gateway IP address. Enter the primary DNS server IP Address for the alternate-exhaust (eth2) interface. Enter yes or no to confirm or deny an eth2 secondary DNS server. Enter yes or no to indicate whether you want to enter search domain. |
[Traffic Collectors do not send or receive Core analysis engine CnC network traffic, so no eth2 interface is needed.] |
Regenerate the SSL self-signed certificate (Yes/No)? |
Enter yes to create a new SSL certificate for the Juniper ATP Appliance Server Web UI. If you decline the selfsigned certificate by entering no, be prepared to install a certificate authority (CA) certificate. |
Enter yes to create a new SSL certificate for the Juniper ATP Appliance Server Web UI. If you decline the selfsigned certificate by entering no, be prepared to install a certificate authority (CA) certificate. |
Not applicable to Collector. |
Enter the following server attributes: Is this a Central Manager device: Device Name: (must be unique) Device Description Device Key PassPhrase Note:
Remember this passphrase and use it for all distributed devices! |
Enter Yes; the system will auto-set IP 127.0.0.1 as the All-in- One IP address. Enter the Juniper ATP Appliance Collector Host Name; this identifies the Collector in the Web UI. Enter a device Description Enter a user-defined PassPhrase to be used to authenticate the Core to the Central Manager. |
Enter Yes; the system will auto-set IP 127.0.0.1 as the All-in- One IP address. Enter the Juniper ATP Appliance Collector Host Name; this identifies the Collector in the Web UI. Enter a device Description Enter a user-defined PassPhrase to be used to authenticate the Core to the Central Manager. |
Enter Yes; the system will auto-set IP 127.0.0.1 as the All-in- One IP address. Enter the Juniper ATP Appliance Collector Host Name; this identifies the Collector in the Web UI. Enter a device Description Enter a user-defined PassPhrase to be used to authenticate the Core to the Central Manager. |
Hardware, Software and Virtual Appliance Access via SSH
To access the Juniper ATP Appliance CLI over the management network:
Start a terminal window session and use the ssh command to access the appliance. For example, if the IP address of the appliance is 10.1.1.2, enter the following command:
When prompted, enter your password. By default, the admin user name is admin and the password is 1JATP234.
To launch the configuration wizard, enter the command wizard.
# wizard
See Configuration Wizard Command Prompt Progressions for steps.
CLI Help and Keyboard Shortcuts
To display Juniper ATP Appliance CLI help, type the command help to display CLI keys and auto-completion usage.
For context-sensitive help, alternatively, enter a “?” to display either a list of possible command completions with summaries, or the full syntax of the current command. A subsequent repeat of this key, when a command has been resolved, will display a detailed reference, as described below.
Enter “?” at the prompt to display a list of the available commands in the current mode.
Enter “?” after you type a command to display its available options and parameters.
Enter “?” after a partially typed keyword to display command matches for auto-completions
You can enter commands in abbreviated form if you enter enough characters to uniquely identify each keyword. For example, the show interface command can be abbreviated as:
sh in
To identify a command’s minimum abbreviation, type a few characters then press Tab. When you have entered enough characters, the keyword is completed.
The following table outlines the available CLI shortcuts.
Action |
Shortcut |
Description |
Auto-Completion |
Enter, Tab or Space Key |
Completes a partial command during typing if enough characters are typed to uniquely identify it. |
Recall |
Ctrl+P or ↑ Ctrl+N or ↓ Ctrl+L or Ctrl+R |
Retrieve previous command from CLI history. Retrieve next command from CLI history. Clear the screen or Redisplay the current command line. |
Delete |
Ctrl+D Ctrl+H Ctrl+K Ctrl+U or Ctrl+W |
Delete character. Delete character before cursor (Backspace). Delete all characters from cursor to end of line. Delete all characters or words on line. |
Cursor move |
Ctrl+A Ctrl+B Ctrl+E Ctrl+F |
Move cursor to start of line. Move cursor back a single character. Move cursor to end of line. Move cursor forward a single character. |
Character Transpose |
Ctrl+T |
Transpose character at the cursor with preceding character. |
Interrupt output |
Ctrl+C |
Interrupt presentation of the CLI output. |
Replace |
!! |
Substitute the last command line |
!N |
Substitute the Nth command line (absolute as per 'history' command) |
|
!-N |
Substitute the command line entered N lines before (relative) |
|
Exit mode or logout |
exit |
Exit current mode or exit the CLI session. |
SPECIAL CHARACTER REQUIREMENT
You must enclose non-alphabet characters in double quotes in CLI commands; for example:
Juniper ATP Appliance(server)# set passphrase “kfe$nd#$^S”
CLI Modes
The CLI commands that you can enter depend on your user privileges and the CLI command mode. User roles are “admin” and “debugging.” The following table describes the CLI command mode.
Note that the prompt in each mode includes the host name of the Juniper ATP Appliance.
Mode |
Description |
How to Exit |
Basic Mode |
Monitor system operation and issue basic system commands. This is the default login mode. The following prompt is displayed: JATP# |
Enter exit to log out of the CLI. |
CM Mode |
Monitor system history and upgrades from the Core or vCore in cm (Central Manager) mode. JATP_Hostname# cm JATP_Hostname (cm)# ? |
Enter exit to leave cm mode. |
Core Configuration Mode |
To access Core configuration mode in the Core/CM, All-in- One, and Mac Mini, enter “core” in Basic mode. The prompt changes to indicate the mode in parentheses: JATP_Hostname# core JATP_Hostname (core)# ? |
Enter exit to leave server mode. |
Collector Configuration Mode |
Configure the Juniper ATP Appliance Collector (includes all commands). To access Collector configuration mode, enter “collector” in Basic mode. The prompt changes to indicate the mode in parentheses: JATP_Hostname# collector JATP_Hostname (collector)# ? |
Enter exit to leave server mode. |
Diagnosis Packet Capture, Monitoring, GSS Reporting and Configuration Mode |
Check Initial Setup, Diagnose, Monitor, Set GSS, and Configure the Juniper ATP Appliance (includes all commands). To access Diagnosis mode, enter “diagnosis” in Basic mode. The prompt changes to indicate the mode in parentheses: JATP_Hostname# diagnosis JATP_Hostname (diagnosis)# ? |
Enter exit to leave diagnosis mode. |
Server Configuration Mode |
Set up and monitor the system (includes all Basic commands plus server-specific commands). To access Server configuration mode, enter “server” in Basic mode. The prompt changes to indicate the mode in parentheses: JATP-Hostname# server JATP-Hostname (server)# ? |
Enter exit to leave server mode. |
Wizard Configuration Mode |
Configure the system during installation and setup the management network and connected Juniper ATP Appliance components. To access wizard configuration mode, enter “wizard” in Basic mode. The prompt changes to indicate the mode in parentheses: JATP-Hostname# wizard JATP-Hostname (wizard)# ? |
Enter exit to leave wizard mode. |