• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1066
  • Last Modified:

How do I enable the Secure BGP Template using the web GUI for a Juniper SSG5- Serial?

I have a hosting provider that gives us access to web GUI for our Juniper SSG5- Serial device (Firmware Version: 6.2.0r7.0 Firewall+VPN).

In order to help meet PCI Compliance, we need to enable the Secure BGP Template on this device.

Any ideas on how I go about doing it?

  • 2
1 Solution
Not sure what it is that you are asking as your request is a bit vague.

>In order to help meet PCI Compliance, we need to enable the Secure BGP Template on this device.
Do you have BGP running?

A secure BGP template typically involves from a Cisco IOS perspective, you can use the same template as BGP is a open stanadard. You will need to get the Juniper user manual to run building the template or I am sure you can find one utilizing Google.

Configure the BGP process
allow graceful restarts
Don't wait for IGP to catch up (no sync)
log neighbor changes
limit an insane number of prepends (Max AS limit)
Announce network blocks/prefixes
specify neighbor to eBGP peer with
enable TTL Security check
enable soft reconfiguration inbound
Set BGP neighbor password
hardset BGP version number
block any inbound announcements that include bogon networks
Prevent the meltdown of a router by filling the routing and BGP tables from a known peer (Max Prefix 380000)

add null routes for the accounced networks
add ACLs to your device
you can build a secure bgp template based on the cymru templates available here

Cymru does not have a tool for the Juniper, hence the reason I manually added the steps.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now