Switching

 View Only
last person joined: 3 days ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.

Support for syslog over TLS (EX Series, MX Series) in Junos OS Release 21.2R1

  • 1.  Support for syslog over TLS (EX Series, MX Series) in Junos OS Release 21.2R1

    Posted 07-19-2022 09:24

    As per the below link , it seems syslog over tls is applicable for SRX platform and ex/mx platform syslog over udp. but in juniper official portal, it has been mentioned such as syslog over TLS is possible  (https://www.juniper.net/documentation/us/en/software/junos/release-notes/21.2/junos-release-notes-21.2r1/junos-release-notes-21.2r1.pdf" title="https://www.juniper.net/documentation/us/en/software/junos/release-notes/21.2/junos-release-notes-21.2r1/junos-release-notes-21.2r1.pdf" href="https://www.juniper.net/documentation/us/en/software/junos/release-notes/21.2/junos-release-notes-21.2r1/junos-release-notes-21.2r1.pdf" rel="noopener noreferrer" target="_blank" tabindex="-1">https://www.juniper.net/documentation/us/en/software/junos/release-notes/21.2/junos-release-notes-21.2r1/junos-release-notes-21.2r1.pdf

    Support for syslog over TLS (EX Series, MX Series, PTX Series, and QFX Series)-S|-rঞn] in Junos OS
    Release 21.2R1, you can transport syslog (control plane) over Transport Layer Security (TLS) protocol.
    nc-rs†Ѵ-ঞn] syslog over TLS allows you to:
    • Validate the remote 7;sঞn-ঞon (syslog server) before |r-nsmbমn] any s;nsbঞv; syslog
    bn=orm-ঞonĺ (†|_;nঞc-ঞon)
    • Encrypt the syslog during the transport. ( ncryrঞon)
    • Verify that the data has not been mo7bC;7 or tampered with (Integrity)
    Before you enable this feature, ensure you:
    • ConC]†r; public key infrastructure (PKI) in Junos
    • ConC]†r; and load the digital c;rঞCc-|;s
    • ConC]†r; the remote 7;sঞn-ঞon (syslog server) that supports syslog over TLS
    To enable transport of syslog (control plane) over TLS, use the tls statement at the [edit system syslog
    host host-name transport] hierarchy level.)

    could you please suggest on this.

    Switchinghttps://community.juniper.net/communities/community-home/digestviewer/viewthread?MID=70945" title="https://community.juniper.net/communities/community-home/digestviewer/viewthread?mid=70945" href="https://community.juniper.net/communities/community-home/digestviewer/viewthread?MID=70945" rel="noopener noreferrer" target="_blank" tabindex="-1">

    Juniper remove preview
    Switching
    Hello,Is it possible to syslog from an EX switch to a remote syslog server over a TCP connection? I couldn't find the commands to setting up that. This is what
    View this on Juniper >

    https://community.juniper.net/communities/community-home/digestviewer/viewthread?MID=70945" title="https://community.juniper.net/communities/community-home/digestviewer/viewthread?mid=70945" href="https://community.juniper.net/communities/community-home/digestviewer/viewthread?MID=70945" rel="noopener noreferrer" target="_blank" tabindex="-1">



    ------------------------------
    DEEPAK ROHILLA
    ------------------------------