- play_arrow Overview
- play_arrow Introduction
-
- play_arrow Devices
- play_arrow Device Management
- play_arrow Systems of Record
- play_arrow Device Discovery Profiles
- play_arrow Modeling Devices
- Rapid Deployment Overview
- Zero Touch Deployment Using Autoinstallation and Junos Space Network Management Platform on ACX Series and SRX Series Devices
- Model Devices Overview
- Creating a Connection Profile
- Creating a Modeled Instance
- Activating a Modeled or Cloned Device in Junos Space Network Management Platform
- Downloading a Configlet
- Viewing and Copying Configlet Data
- Activating Devices by Using Configlets
- Viewing a Modeled Instance
- Adding More Devices to an Existing Modeled Instance
- Viewing the Status of Modeled Devices
- Deleting Modeled Instances
- Viewing a Connection Profile
- Cloning a Connection Profile
- Modifying a Connection Profile
- Deleting Connection Profiles
- play_arrow Device Authentication in Junos Space
- play_arrow Viewing Device Inventory
- play_arrow Exporting Device Inventory
- play_arrow Configuring Juniper Networks Devices
- Modifying the Configuration on the Device
- Reviewing and Deploying the Device Configuration
- Junos OS Releases Supported in Junos Space Network Management Platform
- Configuration Guides Overview
- Saving the Configuration Created using the Configuration Guides
- Previewing the Configuration Created using the Configuration Guides
- Deploying the Configuration Created using the Configuration Guides
- Viewing and Assigning Shared Objects
- Applying a CLI Configlet to Devices
- Applying a CLI Configlet to a Physical Inventory Element
- Applying a CLI Configlet to a Physical Interface
- Applying a CLI Configlet to a Logical Interface
- Executing a Script on the Devices
- Executing a Script on a Physical Inventory Component
- Executing a Script on a Logical Interface
- Executing a Script on the Physical Interfaces
- play_arrow Device Adapter
- play_arrow Device Configuration Management
- play_arrow Adding and Managing Non Juniper Networks Devices
- play_arrow Accessing Devices
- Launching a Device’s Web User Interface
- Looking Glass Overview
- Executing Commands by Using Looking Glass
- Exporting Looking Glass Results in Junos Space Network Management Platform
- Secure Console Overview
- Connecting to a Device by Using Secure Console
- Configuring SRX Device Clusters in Junos Space using Secure Console
- play_arrow Logical Systems (LSYS)
- play_arrow Tenant System (TSYS)
- play_arrow Device Partitions
- play_arrow Custom Labels
- play_arrow Verifying Template, Image Deployment, Script Execution, and Staged Images on Devices
- play_arrow Device Monitoring
- play_arrow Device Maintenance
- Viewing Device Statistics
- Viewing Devices and Logical Systems with QuickView
- Resynchronizing Managed Devices with the Network
- Putting a Device in RMA State and Reactivating Its Replacement
- Modifying the Target IP Address of a Device
- Modifying the Serial Number of a Device
- Rebooting Devices
- Deleting Staged Images on a Device
- Cloning a Device in Junos Space Network Management Platform
- Deleting Devices
-
- play_arrow Device Templates
- play_arrow Overview
- play_arrow Template Definitions
- Creating a Template Definition
- Finding Configuration Options in a Template Definition
- Working with Rules in a Template Definition
- Specifying Device-Specific Values in Template Definitions
- Managing CSV Files for a Template Definition
- Publishing a Template Definition
- Viewing a Template Definition
- Modifying a Template Definition
- Cloning a Template Definition
- Importing a Template Definition
- Exporting a Template Definition
- Unpublishing a Template Definition
- Deleting a Template Definition
- play_arrow Configuring Devices using Device Templates
- play_arrow Configuring Devices using Quick Templates
- play_arrow Device Template Administration
- Viewing Template Details
- Viewing the Device-Template Association (Device Templates)
- Viewing Template Definition Statistics
- Viewing Device Template Statistics
- Comparing Templates or Template Versions
- Comparing a Device Template Configuration with a Device Configuration
- Cloning a Template in Junos Space Network Management Platform
- Exporting and Importing a Quick Template in Junos Space Network Management Platform
- Deleting Device Templates from Junos Space Network Management Platform
-
- play_arrow CLI Configlets
- play_arrow Overview
- play_arrow CLI Configlets
- Creating a CLI Configlet
- Modifying a CLI Configlet
- Viewing CLI Configlet Statistics
- Viewing a CLI Configlet
- Exporting CLI Configlets
- CLI Configlet Examples
- Deleting CLI configlets
- Cloning a CLI Configlet
- Importing CLI Configlets
- Applying a CLI Configlet to Devices
- Comparing CLI Configet Versions
- Marking and Unmarking CLI Configlets as Favorite
- play_arrow Configuration Views
- Configuration Views Overview
- Configuration View Variables
- Configuration View Workflow
- XML Extensions
- Creating a Configuration View
- Viewing a Configuration View
- Modifying a Configuration View
- Deleting Configuration Views
- Exporting and Importing Configuration Views
- Viewing Configuration Views Statistics
- Default Configuration Views Examples
- play_arrow XPath and Regular Expressions
- play_arrow Configuration Filters
-
- play_arrow Images and Scripts
- play_arrow Overview
- play_arrow Managing Device Images
- Device Images Overview
- Importing Device Images to Junos Space
- Viewing Device Images
- Modifying Device Image Details
- Staging Device Images
- Staging Satellite Software Packages on Aggregation Devices
- Verifying the Checksum
- Viewing and Deleting MD5 Validation Results
- Deploying Device Images
- Deploying Satellite Software Packages on Aggregation and Satellite Devices
- Viewing Device Image Deployment Results
- Viewing Device Association of Images
- Undeploying JAM Packages from Devices
- Removing Device Images from Devices
- Deleting Device Images
- play_arrow Managing Scripts
- Scripts Overview
- Promoting Scripts Overview
- Importing Scripts to Junos Space
- Viewing Script Details
- Modifying Scripts
- Modifying Script Types
- Comparing Script Versions
- Staging Scripts on Devices
- Verifying the Checksum of Scripts on Devices
- Viewing Verification Results
- Enabling Scripts on Devices
- Executing Scripts on Devices
- Executing Scripts on Devices Locally with JUISE
- Viewing Execution Results
- Exporting Scripts in .tar Format
- Viewing Device Association of Scripts
- Marking and Unmarking Scripts as Favorite
- Disabling Scripts on Devices
- Removing Scripts from Devices
- Deleting Scripts
- Script Annotations
- Script Example
- play_arrow Managing Operations
- play_arrow Managing Script Bundles
- Script Bundles Overview
- Creating a Script Bundle
- Viewing Script Bundles
- Modifying a Script Bundle
- Staging Script Bundles on Devices
- Enabling Scripts in Script Bundles on Devices
- Executing Script Bundles on Devices
- Disabling Scripts in Script Bundles on Devices
- Viewing Device Associations of Scripts in Script Bundles
- Deleting Script Bundles
-
- play_arrow Reports
- play_arrow Reports Overview
- play_arrow Report Definitions
- play_arrow Reports
-
- play_arrow Network Monitoring
- play_arrow Overview
- play_arrow Managing Nodes
- play_arrow Searching for Nodes and Assets
- play_arrow Managing Outages
- play_arrow Using the Network Monitoring Dashboard
- play_arrow Managing and Configuring Events
- play_arrow Managing and Configuring Alarms
- play_arrow Managing and Configuring Notifications
- play_arrow Managing Reports and Charts
- play_arrow Network Monitoring Topology
- play_arrow Network Monitoring Administration
- Configuring Network Monitoring System Settings
- Updating Network Monitoring After Upgrading the Junos Space Network Management Platform
- Configuring SNMP Community Names by IP
- Configuring SNMP Data Collection per Interface
- Managing Thresholds
- Compiling SNMP MIBs
- Managing SNMP Collections
- Managing SNMPv3 Trap Configuration
- Managing Data Collection Groups
- Managing and Unmanaging Interfaces and Services
- Starting, Stopping, and Restarting Services
-
- play_arrow Configuration Files
- play_arrow Overview
- play_arrow Managing Configuration Files
-
- play_arrow Jobs
- play_arrow Overview
- play_arrow Managing Jobs
- Viewing Statistics for Jobs
- Viewing Your Jobs
- Viewing Jobs
- Viewing Objects on Which a Job is Executed
- Viewing Job Recurrence
- Rescheduling and Modifying the Recurrence Settings of Jobs
- Retrying a Job on Failed Devices
- Reassigning Jobs
- Canceling Jobs
- Clearing Your Jobs
- Archiving and Purging Jobs
- Common Error Messages in Device-Related Operations
-
- play_arrow Role-Based Access Control
- play_arrow Overview
- play_arrow Roles
- Roles Overview
- Predefined Roles Overview
- Creating a User-Defined Role
- Managing Roles
- Modifying User-Defined Roles
- Deleting User-Defined Roles
- Cloning Predefined and User-Defined Roles
- Exporting User-Defined Roles from Junos Space Network Management Platform
- Importing Roles to Junos Space Network Management Platform
- play_arrow User Accounts
- Configuring Users to Manage Objects in Junos Space Overview
- Creating Users in Junos Space Network Management Platform
- Modifying a User
- Deleting Users
- Disabling and Enabling Users
- Unlocking Users
- Viewing Users
- Exporting User Accounts from Junos Space Network Management Platform
- Changing Your Password on Junos Space
- Clearing User Local Passwords
- Viewing User Statistics
- play_arrow User Groups
- play_arrow Domains
- play_arrow Remote Profiles
- play_arrow API Access Profiles
- play_arrow User Sessions
-
- play_arrow Audit Logs
- play_arrow Troubleshooting
- play_arrow Knowledge Base
-
NAT Configuration for Junos Space Network Management Platform Overview
To manage devices, Junos Space Network Management Platform supports connections initiated by the devices or Junos Space Platform. If a device is managed through a device-initiated connection, Junos Space Platform pushes the device management IP addresses of Junos Space and configures the outbound SSH stanza on the device when the device is discovered or when the device management IP addresses are modified. During device discovery and reconnection to devices, the devices initiate an outbound SSH connection to Junos Space Platform. If a device is managed through a connection initiated by Junos Space, an SSH connection is initiated to the device from Junos Space Platform.
Enabling NAT on your Junos Space setup allows devices placed outside your Junos Space setup to connect to Junos Space Platform and the Junos Space application. Enabling a NAT server on your Junos Space setup uses IP addresses translated through NAT as outbound SSH configuration to connect devices and trap IP addresses translated through NAT to send traps, rather than the actual device management and trap IP addresses. These translated IP addresses are updated and sent to the devices that are managed using a NAT server, after NAT is configured, or when the NAT configuration is updated.
You configure and enable Network Address Translation (NAT) server on a running Junos Space setup from the Administration workspace. You can also configure and enable NAT by using the Junos Space CLI when you create a Junos Space setup during the initial deployment. If you configure a NAT server, you must set a forwarding rule on the NAT server to enable communication between the Junos Space fabric and the devices managed through the NAT server. For more information about enabling NAT when you are configuring the Junos Space Virtual Appliance as a Junos Space node or Fault Monitoring and Performance Monitoring (FMPM) node, see one of the following:
To configure NAT when you are configuring a Junos Space Virtual Appliance, see the Configuring a Junos Space Virtual Appliance as a Junos Space Node, Configuring a Junos Space Virtual Appliance as a Standalone or Primary FMPM Node, and Changing the Network and System Settings of a Junos Space Virtual Appliance topics in the Junos Space Virtual Appliance Installation and Configuration Guide.
You can configure the disaster recovery feature and allow database replication in realtime with NAT configuration enabled on your Junos Space setup.
Enabling NAT on a Junos Space setup has the following impact on discovering and managing devices in Junos Space Platform:
When you configure NAT for the first time, by default, the devices that are managed on Junos Space Platform are not updated with the IP addresses of the Junos Space fabric that are translated through NAT.
During device discovery, you can choose whether to use the NAT server to route device-initiated connections to Junos Space Platform and manage them through the NAT server. For more information, see Device Discovery Profiles Overview.
When adding devices using the Model Devices feature, if you choose to use the NAT configuration, the IP addresses of the Junos Space fabric that are translated through NAT are available in the configlet generated from the modeled instance.
For managed devices routed through a NAT server, Junos Space Platform features such as SSH access to device, Launch WebUI of the devices, and Reactivate an RMA device from the Junos Space UI use the IP addresses of the Junos Space fabric that are translated through NAT.
Modifying only the NAT address in the network configuration of a Junos Space fabric from the CLI does not trigger a reboot. Junos Space Platform creates a job to update the NAT configuration on all devices managed through the NAT server.
If you simultaneously modify the NAT configuration and other network settings from the CLI, the NAT configuration changes are discarded and adialog box is displayed with the following message: “Changes to NAT will be discarded as the system required reboot.”
The following sections describe the NAT configuration updated on devices when different interfaces of a Junos Space node are used to deploy the Junos Space fabric :
Using eth0 for Device Management Without a Dedicated Network Monitoring Node
If you use eth0 interface to communicate to devices, the eth0 IP address of each node in the fabric is configured in the outbound SSH configuration on the devices. The virtual IP address (VIP) of the Junos Space setup is set as the trap target to receive SNMP traps from the devices.
Junos Space Platform automatically populates the IP addresses of the Junos Space nodes and the VIP address on the NAT Configuration page. The NAT configuration that is pushed as the outbound SSH connection and the trap target to which the device must send traps are generated as follows:
If the devices are in your internal network:
outbound ssh
content_copy zoom_out_map<configuration ...> <system> <services> <outbound-ssh> <client> <name>cluster_CLUSTERNAME</name> <device-id>9A1E0</device-id> ... <services>netconf</services> <servers> <name>$NODE1_ETH0_IP</name> <port>7804</port> </servers> <servers> <name>$NODE2_ETH0_IP</name> <port>7804</port> </servers> ... </client> </outbound-ssh> </services> </system> </configuration>trap target
content_copy zoom_out_map<configuration> <snmp> <v3> <target-address> <name>TA_SPACE</name> <address>$SPACE_ETH0_VIP</address> </target-address> </v3> </snmp> </configuration>If the devices are in your external (to the NAT server) network:
outbound ssh
content_copy zoom_out_map<configuration ...> <system> <services> <outbound-ssh> <client> <name>cluster_CLUSTERNAME</name> <device-id>E9A1E0</device-id> ... <services>netconf</services> <servers> <name>$NODE1_NAT_SSH_IP</name> <port>$NODE1_NAT_SSH_PORT</port> </servers> <servers> <name>$NODE2_NAT_SSH_IP</name> <port>$NODE2_NAT_SSH_PORT</port> </servers> ... </client> </outbound-ssh> </services> </system> </configuration>trap target
content_copy zoom_out_map<configuration> <snmp> <v3> <target-address> <name>TA_SPACE</name> <address>$SPACE_NAT_VIP</address> <port>$SPACE_NAT_TRAP_PORT</port> </target-address> </v3> </snmp> </configuration
A NAT server should be configured with a rule to forward device-initiated
connections destined to $NODEx_NAT_SSH_IP and $NODEx_NAT_SSH_PORT to $NODEx_ETH0_IP:7804. Similarly, traps destined to $SPACE_NAT_VIP and $SPACE_NAT_TRAP_PORT must be
forwarded to $SPACE_ETH0_VIP:162.
Using eth3 for Device Management Without a Dedicated Network Monitoring Node
If you use eth3 interface to communicate to devices, the eth3 IP address of each node in the fabric is configured in the outbound SSH configuration on the devices. The eth3 IP address of the active node (that currently works as a Network Monitoring node) is set as the trap target to receive SNMP traps from the devices.
Junos Space Platform automatically populates the IP addresses of the Junos Space nodes and the address of the network monitoring node on the NAT Configuration page. The NAT configuration that is pushed as the outbound SSH connection and the trap target to which the device must send traps are generated as follows:
If the devices are in your internal network:
outbound ssh
content_copy zoom_out_map<configuration ...> <system> <services> <outbound-ssh> <client> <name>cluster_CLUSTERNAME</name> <device-id>9A1E0</device-id> ... <services>netconf</services> <servers> <name>$NODE1_ETH3_IP</name> <port>7804</port> </servers> <servers> <name>$NODE2_ETH3_IP</name> <port>7804</port> </servers> ... </client> </outbound-ssh> </services> </system> </configuration>trap target
content_copy zoom_out_map<configuration> <snmp> <v3> <target-address> <name>TA_SPACE</name> <address>$NODEopennms_ETH3_IP</address> </target-address> </v3> </snmp> </configuration>If the devices are in your external (to the NAT server) network:
outbound ssh
content_copy zoom_out_map<configuration ...> <system> <services> <outbound-ssh> <client> <name>cluster_CLUSTERNAME</name> <device-id>E9A1E0</device-id> ... <services>netconf</services> <servers> <name>$NODE1_NAT_SSH_IP</name> <port>$NODE1_NAT_SSH_PORT</port> </servers> <servers> <name>$NODE2_NAT_SSH_IP</name> <port>$NODE2_NAT_SSH_PORT</port> </servers> ... </client> </outbound-ssh> </services> </system> </configuration>trap target
content_copy zoom_out_map<configuration> <snmp> <v3> <target-address> <name>TA_SPACE</name> <address>$NODEopennms_NAT_TRAP_IP</address> <port>$NODEopennms_NAT_TRAP_PORT</port> </target-address> </v3> </snmp> </configuration
A NAT server should be configured with a rule to forward device-initiated
connections destined to $NODEx_NAT_SSH_IP and $NODEx_NAT_SSH_PORT, to $NODEx_ETH3_IP:7804. Similarly, traps destined to $NODEopennms_NAT_TRAP_IP and $NODEopennms_NAT_TRAP_PORT must be forwarded to $NODEopennms_ETH3_IP:162.
Using eth0 or eth3 for Device Management With a Dedicated Network Monitoring Node
If you use eth3 interface to communicate to devices, the eth3 IP address of each node is configured in the outbound SSH configuration on the devices. Similarly, if you use eth0 interface to communicate to devices, the eth0 IP address of each node is configured in the outbound SSH configuration on the devices. The VIP address of the dedicated Network Monitoring node is configured as the trap target to send SNMP traps from the devices.
Junos Space Platform automatically populates the IP addresses of the Junos Space nodes and the VIP address on the NAT Configuration page. The NAT configuration that is pushed as the outbound SSH connection and the trap target to which the device must send traps are generated as follows:
If the devices are in your internal network:
outbound ssh
content_copy zoom_out_map<configuration ...> <system> <services> <outbound-ssh> <client> <name>cluster_CLUSTERNAME</name> <device-id>9A1E0</device-id> ... <services>netconf</services> <servers> <name>$NODE1_ETH0_IP</name> <port>7804</port> </servers> <servers> <name>$NODE2_ETH0_IP</name> <port>7804</port> </servers> ... </client> </outbound-ssh> </services> </system> </configuration>trap target
content_copy zoom_out_map<configuration> <snmp> <v3> <target-address> <name>TA_SPACE</name> <address>$OPENNMSNODE_ETH0_VIP</address> </target-address> </v3> </snmp> </configuration>If the devices are in your external (to the NAT server) network:
outbound ssh
content_copy zoom_out_map<configuration ...> <system> <services> <outbound-ssh> <client> <name>cluster_CLUSTERNAME</name> <device-id>E9A1E0</device-id> ... <services>netconf</services> <servers> <name>$NODE1_NAT_SSH_IP</name> <port>$NODE1_NAT_SSH_PORT</port> </servers> <servers> <name>$NODE2_NAT_SSH_IP</name> <port>$NODE2_NAT_SSH_PORT</port> </servers> ... </client> </outbound-ssh> </services> </system> </configuration>trap target
content_copy zoom_out_map<configuration> <snmp> <v3> <target-address> <name>TA_SPACE</name> <address>$OPENNMSNODE_NAT_VIP</address> <port>$OPENNMSNODE_NAT_TRAP_PORT</port> </target-address> </v3> </snmp> </configuration
A NAT server should be configured with a rule to forward device-initiated
connections destined to $NODEx_NAT_SSH_IP and $NODEx_NAT_SSH_PORT, to $NODEx_ETH0_IP:7804. Similarly, traps destined to $OPENNMSNODE_NAT_VIP and $OPENNMSNODE_NAT_TRAP_PORT must be forwarded to $OPENNMSNODE_ETH0_VIP:162.
Change History Table
Feature support is determined by the platform and release you are using. Use Feature Explorer to determine if a feature is supported on your platform.
