Advertisement
tirabytes

Juniper SRX: Base config (Ethernet)

Mar 13th, 2011
503
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.21 KB | None | 0 0
  1. delete system services dhcp
  2. delete system services telnet
  3. delete system services web-management
  4. delete system name-server 208.67.222.222
  5. delete system name-server 208.67.220.220
  6.  
  7. delete interfaces vlan unit 0 family inet address 192.168.1.1/24
  8.  
  9. delete security nat
  10.  
  11. delete security zones security-zone untrust interfaces fe-0/0/0.0 host-inbound-traffic system-services dhcp
  12. delete security zones security-zone untrust interfaces fe-0/0/0.0 host-inbound-traffic system-services tftp
  13.  
  14.  
  15.  
  16. set system host-name [HOSTNAME]
  17. set system root-authentication plain-text
  18.  
  19. set system name-server [DNS SERVER]
  20.  
  21. set interfaces fe-0/0/0 unit 0 family inet address [WAN IP ADDRESS]
  22.  
  23. set interfaces vlan unit 0 family inet address [LAN IP ADDRESS]
  24.  
  25. set routing-options static route 0.0.0.0/0 next-hop [DEFAULT GATEWAY]
  26.  
  27. set security zones security-zone trust host-inbound-traffic system-services all
  28. set security zones security-zone trust host-inbound-traffic protocols all
  29. set security zones security-zone trust interfaces vlan.0 host-inbound-traffic system-services all
  30. set security zones security-zone trust interfaces vlan.0 host-inbound-traffic protocols all
  31.  
  32. set security zones security-zone untrust screen untrust-screen
  33. set security zones security-zone untrust interfaces fe-0/0/0.0 host-inbound-traffic system-services ssh
  34. set security zones security-zone untrust interfaces fe-0/0/0.0 host-inbound-traffic system-services ping
  35.  
  36. set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
  37. set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
  38. set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
  39. set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit
  40.  
  41. set security policies from-zone untrust to-zone trust policy untrust-to-trust match source-address any
  42. set security policies from-zone untrust to-zone trust policy untrust-to-trust match destination-address any
  43. set security policies from-zone untrust to-zone trust policy untrust-to-trust match application any
  44. set security policies from-zone untrust to-zone trust policy untrust-to-trust then permit
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement