Global
Version 1.0
Task Guide
Contents
1 Introduction
1.1 Purpose
1.2 Scope
1.3 Prerequisites
1.4 Audience
1.5 Cross-References
1.6 Acronyms and Definitions
1.7 Document Conventions
2 Certificate renewal
Table of Figures
Table 1: Prerequisites
Table 2: Acronyms & Definitions
1.2 Scope
This document is limited to renewing certificates on Juniper SRX firewalls.
1.3 Prerequisites
SL. No   Prerequisites          Access Required
01.      PCP                    Mandatory
02.      Jump station server    Mandatory
03.      Old AXP account        Mandatory
04.      Putty                  Mandatory
Table 1: Prerequisites
1.4 Audience
This document is intended for all SOMC & ISBL team members.
1.5 Cross-References
PCP: https://pcp.seld.extranet.sonyericsson.com/Citrix/AccessPlatform/login.aspx
VWP: https://vwp.seld.sonymobile.com/vpn/index.html
Use the below URL to log in to PCP Citrix to access the Jump station server. Today we
have two Citrix solutions:
VWP (Primary)
PCP (Secondary)
NOTE: Both Primary and Secondary use the below credentials to log in.
STEP 2:
Username: XP account ID
Password: AD Password
PIN + Token: RSA (4-digit PIN) + (6-digit token-generated PIN)
Click on Log On
We have 2 Jump station servers: one is Primary and the other is Secondary.
Primary Jump station server: SELDMGT74
Secondary Jump station server: SELDMGT70
NOTE: Only if the Primary goes down can we use the Secondary Jump station server as a backup.
Most of the time partners will be connected using the Secondary Jump station server.
The below screenshot shows when we click on Jump station server SELDMGT74.
STEP 4: Click on Start, then All Programs, then Putty as shown below.
STEP 5: Enter the IP address or hostname of the Jump station server, or the firewall
details, to access the Juniper firewall.
NOTE: In SOMC some firewalls can only be accessed through Jump station server SELDMGT69 due
to missing firewall rules. Any other Juniper SRX firewall can be accessed either through a jump
station server or by direct SSH. It is up to the individual to decide which one to use.
STEP 8: Once we log in to the jump station server, SSH to the Juniper firewall.
Example:
NOTE: In this example I have selected seldfwav01a to log in to; the firewall changes as per the
requirement.
In the Juniper SRX environment, we actually use both the old and the new RADIUS accounts.
It is device specific. (For example, seldfwav01a/b uses the new RADIUS servers while
semofwad01/02 uses the old RADIUS servers.)
STEP 9: Enter the below command to enable the device to automatically renew
certificates that were generated by online enrollment or loaded manually on the Juniper SRX firewall.
[edit]
user@host# set security pki auto-re-enrollment certificate-id ca-ipsec ca-profile-name ca-profile-ipsec challenge-password <password-abc> re-enroll-trigger-time-percentage 10 re-generate-keypair
[edit]
user@host# commit
[edit]
user@host# exit
user@host> show security pki local-certificate detail
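A check to run against the output of the last command above, added here as an example and not part of the original task guide: it reads each certificate's validity window and works out when the 10 percent re-enrollment trigger should fire. The sample output is constructed (including the hypothetical identifier example-cert), and the field layout, the date format and the reading of re-enroll-trigger-time-percentage as the share of lifetime remaining are assumptions to confirm for your Junos release.

```python
import re
from datetime import datetime, timezone

# Constructed sample shaped like `show security pki local-certificate detail`.
# Field layout and date format (MM-DD-YYYY HH:MM UTC) are assumptions.
SAMPLE = """\
Certificate identifier: ca-ipsec
  Certificate version: 3
  Validity:
    Not before: 01-01-2024 00:00 UTC
    Not after: 12-31-2024 00:00 UTC
Certificate identifier: example-cert
  Certificate version: 3
  Validity:
    Not before: 03-01-2024 00:00 UTC
"""

STAMP = re.compile(r"Not (before|after):\s*(\d{2}-\d{2}-\d{4} \d{2}:\d{2})")

def parse_validity(text):
    """Map certificate identifier -> (not_before, not_after); skip partial entries."""
    certs, cert_id = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("Certificate identifier:"):
            cert_id = line.split(":", 1)[1].strip()
            certs[cert_id] = {}
        elif cert_id and (m := STAMP.match(line)):
            certs[cert_id][m.group(1)] = datetime.strptime(m.group(2), "%m-%d-%Y %H:%M")
    return {c: (v["before"], v["after"]) for c, v in certs.items() if len(v) == 2}

def trigger_time(not_before, not_after, percent=10):
    """Moment when `percent` of the lifetime remains (assumed trigger semantics)."""
    return not_after - (not_after - not_before) * percent / 100

def renewal_state(not_before, not_after, now, percent=10):
    """Classify a certificate that is still loaded with this validity window."""
    if now >= not_after:
        return "expired"
    if now >= trigger_time(not_before, not_after, percent):
        return "renewal-overdue"  # trigger passed, old certificate still in place
    return "ok"

if __name__ == "__main__":
    now = datetime.now(timezone.utc).replace(tzinfo=None)
    for cert_id, (nb, na) in parse_validity(SAMPLE).items():
        print(cert_id, trigger_time(nb, na), renewal_state(nb, na, now))
```

A certificate reported as renewal-overdue still carries its old validity dates after the trigger time, which means the automatic re-enrollment has not completed and needs to be looked at before the certificate expires.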