API tools faq
paste
Advertisement
tirabytes

Juniper SRX: Base (VLAN)

tirabytes
Apr 16th, 2012
405
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.05 KB | None | 0 0
raw download clone embed print report
  1. delete system services dhcp
  2. delete system services telnet
  3. delete system services web-management
  4. delete system name-server 208.67.222.222
  5. delete system name-server 208.67.220.220
  6.  
  7. delete interfaces vlan unit 0 family inet address 192.168.1.1/24
  8.  
  9. delete security nat
  10.  
  11. delete security zones security-zone untrust interfaces fe-0/0/0.0 host-inbound-traffic system-services dhcp
  12. delete security zones security-zone untrust interfaces fe-0/0/0.0 host-inbound-traffic system-services tftp
  13.  
  14.  
  15.  
  16. set system host-name [HOSTNAME]
  17. set system root-authentication plain-text
  18.  
  19. set system name-server [DNS SERVER]
  20.  
  21. set interfaces fe-0/0/0 unit 1000 vland-id 1000
  22. set interfaces fe-0/0/0 unit 1000 family inet address [WAN1 IP ADDRESS]
  23.  
  24. set interfaces fe-0/0/0 unit 2000 vland-id 2000
  25. set interfaces fe-0/0/0 unit 2000 family inet address [WAN2 IP ADDRESS]
  26.  
  27. set interfaces vlan unit 0 family inet address [LAN IP ADDRESS]
  28.  
  29. set routing-options static route 0.0.0.0/0 next-hop [DEFAULT GATEWAY]
  30. set routing-options static route [REMOTE SUBNET] next-hop [DEFAULT GATEWAY2]
  31.  
  32. set security zones security-zone trust host-inbound-traffic system-services all
  33. set security zones security-zone trust host-inbound-traffic protocols all
  34. set security zones security-zone trust interfaces fe-0/0/0.2000 host-inbound-traffic system-services all
  35. set security zones security-zone trust interfaces fe-0/0/0.2000 host-inbound-traffic protocols all
  36. set security zones security-zone trust interfaces vlan.0 host-inbound-traffic system-services all
  37. set security zones security-zone trust interfaces vlan.0 host-inbound-traffic protocols all
  38.  
  39. set security zones security-zone untrust screen untrust-screen
  40. set security zones security-zone untrust interfaces fe-0/0/0.1000 host-inbound-traffic system-services ssh
  41. set security zones security-zone untrust interfaces fe-0/0/0.1000 host-inbound-traffic system-services ping
  42.  
  43. set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
  44. set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
  45. set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
  46. set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit
  47.  
  48. set security policies from-zone untrust to-zone trust policy untrust-to-trust match source-address any
  49. set security policies from-zone untrust to-zone trust policy untrust-to-trust match destination-address any
  50. set security policies from-zone untrust to-zone trust policy untrust-to-trust match application any
  51. set security policies from-zone untrust to-zone trust policy untrust-to-trust then permit
  52.  
  53. set security policies from-zone trust to-zone trust policy trust-to-trust match source-address any
  54. set security policies from-zone trust to-zone trust policy trust-to-trust match destination-address any
  55. set security policies from-zone trust to-zone trust policy trust-to-trust match application any
  56. set security policies from-zone trust to-zone trust policy trust-to-trust then permit
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!