全部博文(535)
分类:
2012-04-10 14:52:22
| Juniper SRX基础配置 SRX基础配置实验: 1.确保电源打开 2.root用户登录,没有密码 3.进入CLI模式 root# cli root@> 4.进入configuration 模式 configure [edit] root@# 5.设置root密码 [edit] root@# set system root-authentication plain-text-password New password: password Retype new password: password 6.配置新用户 [edit] root@# set system login user admin class super-user authentication plain-text-password 7.确认commit [edit] root@# commit 8.用你第六步新创建的账户登录 9.配置设备名称 configure [edit] admin@# set system host-name host-name 10.配置数据接口 [edit] admin@# set interfaces fe-0/0/1 unit 0 family inet 192.168.1.1/24 11.配置默认 [edit] admin@# set routing-options static route 0.0.0.0/0 {下一条地址} 12.配置安全区域,并且将端口加入 [edit] admin@# set security zones security-zone untrust interfaces fe-0/0/1 13.配置基本的策略 [edit] admin@# set security policies from-zone trust to-zone untrust policy policy-name match source-address any destination-address any application any root@# set security policies from-zone trust to-zone untrust policy policy-name then permit 14.配置NAT [edit] admin@# set security nat source rule-set interface-nat from zone trust admin@# set security nat source rule-set interface-nat to zone untrust admin@# set security nat source rule-set interface-nat rule rule1 match source-address 0.0.0.0/0 destination-address 0.0.0.0/0 admin@# set security nat source rule-set interface-nat rule rule1 then source-nat interface Check the configuration for validity. [edit] 15.效验配置 admin@# commit check configuration check succeeds 16.提交配置 [edit] admin@# commit commit complete 17.显示设备配置 [edit] user@host# show system { host-name devicea; domain-name lab.device.net; domain-search [ lab.device.net device.net ]; backup-device 192.168.2.44; time-zone America/Los_Angeles; root-authentication { ssh-rsa "ssh-rsa AAAAB3Nza...D9Y2gXF9ac==root@devicea.lab.device.net"; } name-server { 10.148.2.32; } services { } ntp { server 10.148.2.21; } } interfaces { fe-0/0/0 { unit 0 { family inet { address 192.168.1.1/24; } } } lo0 { unit 0 { family inet { address 172.16.1.24/32; } } } } 18.提交配置 [edit] admin@# commit 19.Optionally, configure additional properties by adding the necessary configuration statements. Then commit the changes to activate them on the device. [edit] admin@host# commit 20.When you have finished configuring the device, exit configuration mode. [edit] admin@host# exit admin@host> |
