Advertisement
tirabytes

Juniper SRX: Base (VLAN)

Apr 16th, 2012
407
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.05 KB | None | 0 0
  1. delete system services dhcp
  2. delete system services telnet
  3. delete system services web-management
  4. delete system name-server 208.67.222.222
  5. delete system name-server 208.67.220.220
  6.  
  7. delete interfaces vlan unit 0 family inet address 192.168.1.1/24
  8.  
  9. delete security nat
  10.  
  11. delete security zones security-zone untrust interfaces fe-0/0/0.0 host-inbound-traffic system-services dhcp
  12. delete security zones security-zone untrust interfaces fe-0/0/0.0 host-inbound-traffic system-services tftp
  13.  
  14.  
  15.  
  16. set system host-name [HOSTNAME]
  17. set system root-authentication plain-text
  18.  
  19. set system name-server [DNS SERVER]
  20.  
  21. set interfaces fe-0/0/0 unit 1000 vland-id 1000
  22. set interfaces fe-0/0/0 unit 1000 family inet address [WAN1 IP ADDRESS]
  23.  
  24. set interfaces fe-0/0/0 unit 2000 vland-id 2000
  25. set interfaces fe-0/0/0 unit 2000 family inet address [WAN2 IP ADDRESS]
  26.  
  27. set interfaces vlan unit 0 family inet address [LAN IP ADDRESS]
  28.  
  29. set routing-options static route 0.0.0.0/0 next-hop [DEFAULT GATEWAY]
  30. set routing-options static route [REMOTE SUBNET] next-hop [DEFAULT GATEWAY2]
  31.  
  32. set security zones security-zone trust host-inbound-traffic system-services all
  33. set security zones security-zone trust host-inbound-traffic protocols all
  34. set security zones security-zone trust interfaces fe-0/0/0.2000 host-inbound-traffic system-services all
  35. set security zones security-zone trust interfaces fe-0/0/0.2000 host-inbound-traffic protocols all
  36. set security zones security-zone trust interfaces vlan.0 host-inbound-traffic system-services all
  37. set security zones security-zone trust interfaces vlan.0 host-inbound-traffic protocols all
  38.  
  39. set security zones security-zone untrust screen untrust-screen
  40. set security zones security-zone untrust interfaces fe-0/0/0.1000 host-inbound-traffic system-services ssh
  41. set security zones security-zone untrust interfaces fe-0/0/0.1000 host-inbound-traffic system-services ping
  42.  
  43. set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
  44. set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
  45. set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
  46. set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit
  47.  
  48. set security policies from-zone untrust to-zone trust policy untrust-to-trust match source-address any
  49. set security policies from-zone untrust to-zone trust policy untrust-to-trust match destination-address any
  50. set security policies from-zone untrust to-zone trust policy untrust-to-trust match application any
  51. set security policies from-zone untrust to-zone trust policy untrust-to-trust then permit
  52.  
  53. set security policies from-zone trust to-zone trust policy trust-to-trust match source-address any
  54. set security policies from-zone trust to-zone trust policy trust-to-trust match destination-address any
  55. set security policies from-zone trust to-zone trust policy trust-to-trust match application any
  56. set security policies from-zone trust to-zone trust policy trust-to-trust then permit
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement