Configure Basic Settings

You are here: Device Administration > Basic Settings.

Use this page to configure your device basic settings.

You can do the following:

Save—Saves all the basic settings configuration and returns to the main configuration page.
Note:
For all the configuration options under Basic Settings:
- Tool tip on the right-side represents different icons for notifications, validation errors, and successful configuration.
- When you make a configuration change and navigate to a different page without saving it, a pop-up message is displayed to save the configuration.
Cancel—Cancels all your entries and returns to the main configuration page.
Commit—Commits all the basic settings configuration and returns to the main configuration page.
Expand all—Click the arrow pointing outwards icon to expand all the options.
Collapse all—Click the arrow pointing inwards to collapse or hide all the options.

Table 1 describes the fields on the Basic Settings page.

Table 1: Fields on the Basic Settings Page
Field	Action
System Identity
Hostname	Enter a hostname for the device.
Domain name	Enter a domain name to specify the network or subnetwork to which the device belongs.
Root password	Enter a password for the root user. Note: After you have defined a root password, that password is required when you log in to the J-Web or the CLI.
Confirm root password	Re-enter the password to confirm.
DNS servers	Select an option to specify the DNS server settings: To specify a server that the device can use to resolve hostnames into addresses: Click + at the top right side of the DNS Servers table. Enter an IPv4 address of the server. Click the tick mark to save the changes. Else, click the cancel (X) icon to discard the changes. To edit an existing DNS server hostname: Select a DNS server hostname that you want to edit. Click the pencil icon at the top right side of the DNS Servers table or right-click on the hostname and edit the IPv4 address. Click the tick mark to save the changes. Else, click the cancel (X) icon to discard the changes. To remove an existing DNS server hostname, select it and click the delete icon at the top right side of the DNS Servers table or right-click on the hostname and delete it.
Domain search	Select an option: To add a domain name: Click + at the top right side of the Domain Search table. Enter a domain name. The string must contain an alphanumeric character and can include underscores, hyphen, slash and dot. No spaces allowed. Click the tick mark to save the changes. Else, click the cancel (X) icon to discard the changes. To edit an existing domain name: Select a domain name that you want to edit. Click the pencil icon at the top right side of the Domain Search table or right-click on the domain name and edit the name. Click the tick mark to save the changes. Else, click the cancel (X) icon to discard the changes. To remove an existing domain name, select it and click the delete icon at the top right side of the Domain Search table or right-click on the name and delete it.
Time
Time zone	Select the time zone from the list in which the router resides.
Time source	Select an option from the list to set the system time:
	NTP Servers—Synchronizes the system time with the NTP server that you select. Click one of the following options: Add—Click + to add an NTP server. Then, enter the NTP server name, key, and Routing Instance. Select an option from the list for Version and Prefer. Edit—Select an existing NTP server that you want to edit and click the pencil icon available at the upper right of the NTP Server table. You can also right-click on the NTP server and click Edit Row. Then, edit the key and version and click the tick mark. Delete—Select an existing NTP server that you want to delete and click the delete icon available at the upper right of the NTP Server table. You can also right-click on the NTP server and click Delete Row. Click Yes to delete the selected server.
	Computer—Uses the computer that you are currently logged into to determine the system time for the device. Note: When you select this option, the PC time that will be used is displayed in the Current Date & Time field.
	Manual—Enables you to manually select the date and time for the device. Set the date and time using the calendar pick tool and time fields. Note: After you configure the time manually, the session will expire. Log in to J-Web.
Device date & time	Displays the device date and time.
Current date & time	Displays the current date and time.
Management and Loopback Address
Management address	Enter IPv4 address for the device.
Subnet	Enter subnet of the IPv4 address.
Loopback address	Enter IP address and subnet for the loopback address. Note: If the SRX Series Firewall does not have a dedicated management port (fxp0), then Loopback Address and Subnet are the only options available for the management access configuration.
Subnet	Enter the address, for example, 255.255.255.0. You can also specify the address prefix. Specifies the range of logical addresses within the address space that is assigned to an organization.
Default gateway	Enter the default gateway address for IPv4.
System Services
Telnet	Select this option to enable telnet.
SSH	Select this option to enable SSH connections.
FTP	Select this option to enable FTP for secure file transfer.
NETCONF	Select this option to enable NETCONF connections.
Junoscript over SSL	Select this option to enable Junoscript connections over SSL.
Junoscript certificate	Select the local certificate for SSL from the list.
Interface	Select the interface in order of your preference and click on the left arrow/right arrow to add.
HTTPS	Select this option to enable HTTPS connection settings.
Interface	Select the interface in order of your preference and click on the left arrow/right arrow to add.
HTTPS certificate	Specifies the certificate that you want to use to secure the connection from the HTTPS certificates list when you enable HTTPs. Select the HTTPS certificate from the list.
PKI certificate	Select the PKI certificate for HTTPS from the list. Note: This option is available only if you select pki-local-certificate in the HTTPS Certificate options.
Local certificate	Select the local certificate for HTTPS from the list. Note: This option is available only if you select local-certificate in the HTTPS Certificate options.
Web API	Select to enable Web API configuration.
Client	Select to enable client for the Web API.
Hostname	Provides the address of permitted HTTP/HTTPS request originators. To add, click + and enter the IPv4 address of the permitted HTTP/HTTPS request originator and click tick mark to save the changes. To delete, select the hostname and click the delete icon. Then, click Yes to delete it.
HTTP	Select to enable unencrypted HTTP connection settings.
HTTP port	Click top or bottom arrows to select the TCP ports for incoming HTTP connections.
HTTPs	Select to enable encrypted HTTPS connection settings.
HTTPS port	Click top or bottom arrows to select the TCP ports for incoming HTTP connections.
Certificate type	Select to specify the certificate that you want to use to secure the connection from the HTTPS certificates list when you enable HTTPs for Web API: Default—Selects the default system generated certificate. PKI Certificate—Select a PKI certificate from the list for HTTPS of Web API. File Path: File Path—Click Browse and select a certificate from your desired location. Or click Upload and upload the selected certificate. Certificate—Displays the file path of the uploaded certificate. Certificate Key: Browse—Click and select the certificate key from your desired location. Upload—Click and upload the selected certificate key. Certificate Key—Displays the file path of the uploaded certificate key.
User	Select this option to enable user credentials.
Name	Enter a username.
Password	Enter the user password.
REST API	Enable this option to allow RPC execution over HTTP(S) connection.
Explorer	Select this option to enable REST API explorer.
Control	Select this option to enable control the REST API process.
Allowed sources	Provides the source IP address. Click + and enter the IPv4 address of the source. Then, click tick mark. To delete, select an existing address and click the delete icon. Then, click Yes to delete it.
Connection limit	Click top or bottom arrows to select the number of simultaneous connections.
HTTP	Select to enable unencrypted HTTP connections for REST API.
Address	Click + and enter the IPv4 address for the incoming connections for HTTP of REST API. Then, click tick mark to add it. To delete, select an existing address and click the delete icon. Then, click Yes to delete it.
Port	Click top or bottom arrows to select the HTTP port to accept HTTP connections for REST API. Note: The default port for HTTP of REST API is 3000.
HTTPS	Select to enable encrypted HTTPS connections for REST API.
Address	Click + and enter the IPv4 address for the incoming connections for HTTPS of REST API. Then, click tick mark to add it. To delete, select an existing address and click the delete icon. Then, click Yes to delete it.
Cipher list	Select the Cipher suites in order of your preference and click on the left arrow or right arrow to add.
Port	Click top or bottom arrows to select the HTTPS port to accept the HTTPS connection of REST API. Note: The default port for HTTPS of REST API is 3443.
Server certificate	Select server certificate from the list. See Import a Device Certificate to import a device certificate.
CA Profile	Select the certificate authority profile for HTTPS of REST API from the list. To create Certificate Authority inline: Click Create Certificate Authority Profile. Enter the following details: CA Profile —Enter the CA profile name. CA Identifier —Enter the CA identifier. File Path on Device for Certificate: Browse—Click and select the certificate from your desired location. Upload—Click and upload the selected certificate. File Path on Device for Certificate—Displays the file path of the selected certificate. Click OK.
Security Logging
Stream mode logging	Select this option to enable logging. Note: The Enable Traffic Logs option is available for user logical system and tenants.
UTC timestamp	Select this option to enable UTC Timestamp for security log timestamps.
Log on	Select one of the log on types for logging. Source Address—Select this option to enter the source IP address. Source Interface—Select this option to select a source interface from the list.
IP address	Enter the source IP address. Note: This option is available if you select the log on type as Source Address.
Format	Specifies the format in which the logs are stored. Select a format in which the logs are stored from the list. binary—Binary encoded text to conserve resources. SD-Syslog—Structured system log file. Syslog—Traditional system log file. By default, None logging format is selected.
Transport protocol	Select an option from the list to specify the type of logging transport protocol: TCP—Select this option to set the transport protocol to TCP. UDP—Select this option to set the transport protocol to UDP. TLS—Select this option to set the transport protocol to TLS. By default, None is selected.
Connections	Select the TCP or TLS connections for logging using up and down arrows. Note: This option is available if you select the transport protocol option as TCP or TLS.
TLS profile	Select a TLS profile from the list. Note: This option is available if you select the transport protocol option as TLS.
Syslog server	Enables you to configure syslog servers. You can configure a maximum of three syslog servers. Perform one of the following tasks: To create syslog server, click +, enter the following details and then click OK. Name—Enter the name of the new stream configuration. Save At—Select the location from the list to save the stream. Type—Select a format in which the logs are stored from the list. The log types are: Structure Standard Web Host—Enter the IP address for the stream host name. To edit an existing syslog server, select it and click the pencil icon. Then, edit the saving mode, streaming type, and host in the Edit Syslog page and click OK. To delete an existing syslog server, select it and click the delete icon.
On-box reporting	Enable this option to generate on-box reports. Note: We recommend you use Stream mode logging to syslog server.
SNMP
Contact information	Enter any contact information for the administrator of the system (such as name and phone number).
System description	Enter any information that describes the system.
Local engine ID	Enter the MAC address of Ethernet management port 0. Specifies the administratively unique identifier of an SNMPv3 engine for system identification. The local engine ID contains a prefix and a suffix. The prefix is formatted according to specifications defined in RFC 3411. The suffix is defined by the local engine ID. Generally, the local engine ID suffix is the MAC address of Ethernet management port 0.
System location	Enter any location information for the system (lab name or rack name, for example).
System name override	Specifies the option to override the system hostname. Enter the name of the system.
Community	Specifies the name and authorization for the SNMP community. Click +. Enter the name of the community being added. Select the desired authorization (either read-only or read-write) from the list. Click tick mark.
Trap groups
Name	Click + to add a trap group. Enter the SNMP trap group being configured.
Categories	Select trap categories to add to the trap group being configured. The options available are: Authentication Chassis Configuration Link Remote operations RMON alarm Routing Startup CRRP events
Targets	Specifies one or more IP addresses that specify the systems to receive SNMP traps that are generated by the trap group being configured. Click +, enter the target IP address for SNMP trap group, and click tick mark.
Health monitoring	Enable the option to check the SNMP health monitor on the device. The health monitor periodically checks the following key indicators of device health: Percentage of file storage used Percentage of Routing Engine CPU used Percentage of Routing Engine memory used Percentage of memory used for each system process Percentage of CPU used by the forwarding process Percentage of memory used for temporary storage by the forwarding process
Interval	Specifies the sampling frequency interval, in seconds, over which the key health indicators are sampled and compared with the rising and falling thresholds. For example, if you configure the interval as 100 seconds, the values are checked every 100 seconds. Select a value from 1 through 24855. The default value is 300 seconds.
Rising threshold	Specifies the value at which you want SNMP to generate an event (trap and system log message) when the value of a sampled indicator is increasing. For example, if the rising threshold is 90, SNMP generates an event when the value of any key indicator reaches or exceeds 90 seconds. Select a value from 1 through 100. The default value is 90 seconds.
Falling threshold	Specifies a value at which you want SNMP to generate an event (trap and system log message) when the value of a sampled indicator is decreasing. For example, if the falling threshold is 80, SNMP generates an event when the value of any key indicator falls back to 80 seconds or less. Select a value 0 through 100. The default value is 80 seconds.
Redundant PSU Note: SRX380 devices support power supply redundancy for power management.
Power Supply 0	Displays if the power supply is present or not.
Power Supply 1	Displays if the redundant power supply is present or not.
PSU Redundancy	Enable this option to manage power on the SRX380 device. Note: This option is available only when the device is in the standalone mode.

Configure Basic Settings

Related Documentation