Tag Archives: juniper

VRFs and Shared Services Cheating with Junos

The shared services area of the network is meant to provide common services — such as DNS, DHCP, and Internet access — to multiple logical networks/VRFs/customers. Cisco publishes a validated design for shared services that describes the use of multiple virtual firewalls and routers to provide connectivity between the shared services module and the VRFs in the network. I’m going to describe a method of collapsing the shared services firewalls and virtual routers into a single instance running on a single box using some of the features found in Juniper’s Junos platform.

Continue reading VRFs and Shared Services Cheating with Junos

Configuring VRF-Lite on IOS and Junos

This post is going to provide a very basic introduction to configuring VRFs on Cisco IOS and Juniper’s Junos. There’s so many configuration combinations and options for virtual routing that it would be impossible to go through everything in great detail. At the end of the post I’ll provide links to documentation where you can get detail if you want it.

Continue reading Configuring VRF-Lite on IOS and Junos

VPN Host Checker vs. AD Group Policy

This post is for anyone who administers a Juniper SSL VPN. I saw an issue in our environment recently that was created by an unexpected interaction between two different systems that were working to enforce our computer security policy. Because the way the systems were configured is pretty common and because the issue is not specifically warned against by Juniper, I’m going to share it here.

Continue reading VPN Host Checker vs. AD Group Policy

Juniper Olive

Olive refers to a regular PC or virtual machine that is running Juniper Networks’ JUNOS software. Juniper created Olive early on so they could perform testing of JUNOS during development. These days Olive is deprecated in favor of cheap, low-end M and J-series routers but is still used by people wanting to evaluate/test JUNOS or those who are studying for Juniper certifications.

For the most part Olive is fully functional as a basic router. The folks at JuniperClue have a good list of what’s known to work and known to not work so I won’t reproduce a separate list here.

In order to get an Olive up and running you require a valid copy of a JUNOS jinstall file which can be found on a “real” Juniper router and/or obtained from Juniper under a support contract.


Olive will exist as long as Juniper has no cause to eliminate it. Please don’t do anything stupid like contact JTAC about Olive, pirate copies of JUNOS or otherwise be a nuisance with it. Juniper has shown a lot of respect to its customers and the community by allowing Olive to exist. Please return the respect in kind.

Olive is in no way, shape, or form supported by Juniper or JTAC.

My Olive Related Posts

Other Olive Sites