[j-nsp] Disable telnet/ssh access from virtual routers
Hugo Slabbert
hugo at slabnet.com
Wed Jul 15 15:23:31 EDT 2015
On Wed 2015-Jul-15 10:51:58 -0600, Stacy W. Smith <stacy at acm.org> wrote:
>
>> On Jul 15, 2015, at 10:46 AM, Victor Sudakov <vas at mpeks.tomsk.su> wrote:
>>
>> Stacy W. Smith wrote:
>>> https://kb.juniper.net/InfoCenter/index?page=content&id=KB23547
>>>
>>> The article states it applies to VRFs, but it also applies to routing instances of type "virtual-router".
>>>
>>
>> This lo0.x interface does not have to have an IP address, does it?
>
>I haven't tested it myself, but I don't believe it has to have an IP address configured. It does have to have family inet/inet6 configured because that's where you apply the filter, but I don't think it has to have an address configured.
I can confirm that; no IP is needed on the lo0.x units in the VRs/VRFs.
>
>--Stacy
>
--
Hugo
More information about the juniper-nsp
mailing list