API tools faq
paste
Advertisement
demoss

cfg_wan_disp_set

demoss
Mar 24th, 2013
181
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 11.70 KB | None | 0 0
raw download clone embed print report
  1. root@godnet# show |display set
  2. set version 11.2R4.3
  3. set system host-name godnet
  4. set system time-zone GMT+4
  5. set system root-authentication encrypted-password "$1$VefloaO/$sKiqNrllv5T5n6e.TdXMT0"
  6. set system name-server 10.0.10.254
  7. set system name-server 10.0.1.254
  8. set system name-server 8.8.8.8
  9. set system name-server 8.8.4.4
  10. set system services ssh
  11. set system services telnet
  12. set system services xnm-clear-text
  13. set system services web-management http interface vlan.0
  14. set system services web-management http interface vlan.1
  15. set system services web-management http interface vlan.2
  16. set system services web-management http interface vlan.3
  17. set system services web-management https system-generated-certificate
  18. set system services web-management https interface vlan.0
  19. set system services web-management https interface ge-0/0/0.0
  20. set system services web-management https interface ge-0/0/15.0
  21. set system services web-management https interface ge-0/0/1.0
  22. set system services web-management https interface vlan.3
  23. set system services web-management https interface vlan.2
  24. set system services web-management https interface vlan.1
  25. set system services dhcp pool 192.168.1.0/24 address-range low 192.168.1.2
  26. set system services dhcp pool 192.168.1.0/24 address-range high 192.168.1.254
  27. set system services dhcp pool 192.168.1.0/24 router 192.168.1.1
  28. set system services dhcp pool 192.168.1.0/24 propagate-settings vlan.0
  29. set system services dhcp pool 192.168.11.0/24 address-range low 192.168.11.1
  30. set system services dhcp pool 192.168.11.0/24 address-range high 192.168.11.253
  31. set system services dhcp pool 192.168.11.0/24 maximum-lease-time 86400
  32. set system services dhcp pool 192.168.11.0/24 default-lease-time 86400
  33. set system services dhcp pool 192.168.11.0/24 router 192.168.11.254
  34. set system services dhcp pool 192.168.11.0/24 propagate-settings vlan.1
  35. set system services dhcp pool 192.168.22.0/24 address-range low 192.168.22.1
  36. set system services dhcp pool 192.168.22.0/24 address-range high 192.168.22.253
  37. set system services dhcp pool 192.168.22.0/24 maximum-lease-time 86400
  38. set system services dhcp pool 192.168.22.0/24 router 192.168.22.254
  39. set system services dhcp pool 192.168.22.0/24 propagate-settings vlan.2
  40. set system services dhcp pool 192.168.33.0/24 address-range low 192.168.33.1
  41. set system services dhcp pool 192.168.33.0/24 address-range high 192.168.33.253
  42. set system services dhcp pool 192.168.33.0/24 maximum-lease-time 86400
  43. set system services dhcp pool 192.168.33.0/24 domain-name cbuh.karelia.pro
  44. set system services dhcp pool 192.168.33.0/24 router 192.168.33.254
  45. set system services dhcp pool 192.168.33.0/24 propagate-settings vlan.3
  46. set system syslog archive size 100k
  47. set system syslog archive files 3
  48. set system syslog user * any emergency
  49. set system syslog file messages any critical
  50. set system syslog file messages authorization info
  51. set system syslog file interactive-commands interactive-commands error
  52. set system max-configurations-on-flash 5
  53. set system max-configuration-rollbacks 5
  54. set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
  55. set interfaces ge-0/0/0 unit 0 family inet address 178.19.246.156/29
  56. set interfaces ge-0/0/1 unit 0 family inet address 178.19.242.225/29
  57. set interfaces ge-0/0/2 unit 0 family ethernet-switching vlan members vlan-trust
  58. set interfaces ge-0/0/3 unit 0 family ethernet-switching vlan members vlan-trust
  59. set interfaces ge-0/0/4 unit 0 family ethernet-switching vlan members server
  60. set interfaces ge-0/0/5 unit 0 family ethernet-switching vlan members minedu
  61. set interfaces ge-0/0/6 unit 0 family ethernet-switching vlan members cbedu
  62. set interfaces ge-0/0/7 unit 0 family ethernet-switching vlan members vlan-trust
  63. set interfaces ge-0/0/8 unit 0 family ethernet-switching vlan members vlan-trust
  64. set interfaces ge-0/0/9 unit 0 family ethernet-switching vlan members vlan-trust
  65. set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members vlan-trust
  66. set interfaces ge-0/0/11 unit 0 family ethernet-switching vlan members vlan-trust
  67. set interfaces ge-0/0/12 unit 0 family ethernet-switching vlan members vlan-trust
  68. set interfaces ge-0/0/13 unit 0 family ethernet-switching vlan members vlan-trust
  69. set interfaces ge-0/0/14 unit 0 family ethernet-switching vlan members vlan-trust
  70. set interfaces ge-0/0/15 unit 0 family inet address 192.168.26.237/24
  71. set interfaces vlan unit 0 family inet address 192.168.1.1/24
  72. set interfaces vlan unit 1 family inet address 192.168.11.254/24
  73. set interfaces vlan unit 2 family inet address 192.168.22.254/24
  74. set interfaces vlan unit 3 family inet address 192.168.33.254/24
  75. set routing-options static route 0.0.0.0/0 next-hop 178.19.246.158
  76. set routing-options static route 192.168.26.0/24 next-hop 192.168.11.254
  77. set protocols stp
  78. set security flow allow-dns-reply
  79. set security screen ids-option untrust-screen icmp ping-death
  80. set security screen ids-option untrust-screen ip source-route-option
  81. set security screen ids-option untrust-screen ip tear-drop
  82. set security screen ids-option untrust-screen tcp syn-flood alarm-threshold 1024
  83. set security screen ids-option untrust-screen tcp syn-flood attack-threshold 200
  84. set security screen ids-option untrust-screen tcp syn-flood source-threshold 1024
  85. set security screen ids-option untrust-screen tcp syn-flood destination-threshold 2048
  86. set security screen ids-option untrust-screen tcp syn-flood timeout 20
  87. set security screen ids-option untrust-screen tcp land
  88. set security nat source pool snat-pool1 address 178.19.246.153/32 to 178.19.246.156/32
  89. set security nat source pool snat-pool2 address 217.77.50.129/32 to 217.77.50.131/32
  90. set security nat source rule-set trust-to-untrust from zone trust
  91. set security nat source rule-set trust-to-untrust to zone untrust
  92. set security nat source rule-set trust-to-untrust rule source-nat-rule match source-address 0.0.0.0/0
  93. set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat pool snat-pool1
  94. set security nat source rule-set srv-untrast from zone server
  95. set security nat source rule-set srv-untrast to zone untrust
  96. set security nat source rule-set srv-untrast rule srv-pool2 match source-address 192.168.11.0/24
  97. set security nat source rule-set srv-untrast rule srv-pool2 match destination-address 0.0.0.0/0
  98. set security nat source rule-set srv-untrast rule srv-pool2 then source-nat pool snat-pool1
  99. set security nat source rule-set srv-trust from zone server
  100. set security nat source rule-set srv-trust to interface ge-0/0/15.0
  101. set security nat source rule-set srv-trust rule srv-trust match source-address 192.168.11.0/24
  102. set security nat source rule-set srv-trust rule srv-trust match destination-address 192.168.26.0/24
  103. set security nat source rule-set srv-trust rule srv-trust then source-nat interface
  104. set security nat proxy-arp interface ge-0/0/0.0 address 178.19.246.153/32 to 178.19.246.156/32
  105. set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
  106. set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
  107. set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
  108. set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit
  109. set security policies from-zone server to-zone untrust policy srv-untrast match source-address srv-net
  110. set security policies from-zone server to-zone untrust policy srv-untrast match destination-address any
  111. set security policies from-zone server to-zone untrust policy srv-untrast match application any
  112. set security policies from-zone server to-zone untrust policy srv-untrast then permit
  113. set security policies from-zone minedu to-zone untrust policy min-untrast match source-address min-net
  114. set security policies from-zone minedu to-zone untrust policy min-untrast match destination-address any
  115. set security policies from-zone minedu to-zone untrust policy min-untrast match application any
  116. set security policies from-zone minedu to-zone untrust policy min-untrast then permit
  117. set security policies from-zone edubuh to-zone untrust policy buh-untrast match source-address buh-net
  118. set security policies from-zone edubuh to-zone untrust policy buh-untrast match destination-address any
  119. set security policies from-zone edubuh to-zone untrust policy buh-untrast match application any
  120. set security policies from-zone edubuh to-zone untrust policy buh-untrast then permit
  121. set security policies from-zone server to-zone trust policy srv-trust match source-address any
  122. set security policies from-zone server to-zone trust policy srv-trust match destination-address old-net
  123. set security policies from-zone server to-zone trust policy srv-trust match application any
  124. set security policies from-zone server to-zone trust policy srv-trust then permit
  125. set security zones security-zone trust address-book address old-net 192.168.26.0/24
  126. set security zones security-zone trust host-inbound-traffic system-services all
  127. set security zones security-zone trust host-inbound-traffic protocols all
  128. set security zones security-zone trust interfaces vlan.0
  129. set security zones security-zone trust interfaces ge-0/0/15.0
  130. set security zones security-zone untrust screen untrust-screen
  131. set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services tftp
  132. set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services http
  133. set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services ping
  134. set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services ssh
  135. set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic protocols bgp
  136. set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic protocols ospf
  137. set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic protocols rip
  138. set security zones security-zone untrust interfaces ge-0/0/1.0 host-inbound-traffic system-services tftp
  139. set security zones security-zone untrust interfaces ge-0/0/1.0 host-inbound-traffic system-services http
  140. set security zones security-zone untrust interfaces ge-0/0/1.0 host-inbound-traffic system-services ping
  141. set security zones security-zone untrust interfaces ge-0/0/1.0 host-inbound-traffic system-services ssh
  142. set security zones security-zone untrust interfaces ge-0/0/1.0 host-inbound-traffic protocols bgp
  143. set security zones security-zone untrust interfaces ge-0/0/1.0 host-inbound-traffic protocols ospf
  144. set security zones security-zone untrust interfaces ge-0/0/1.0 host-inbound-traffic protocols rip
  145. set security zones security-zone server address-book address srv-net 192.168.11.0/24
  146. set security zones security-zone server host-inbound-traffic system-services all
  147. set security zones security-zone server host-inbound-traffic protocols all
  148. set security zones security-zone server interfaces vlan.1
  149. set security zones security-zone minedu address-book address min-net 192.168.22.0/24
  150. set security zones security-zone minedu host-inbound-traffic system-services all
  151. set security zones security-zone minedu host-inbound-traffic protocols all
  152. set security zones security-zone minedu interfaces vlan.2
  153. set security zones security-zone edubuh address-book address buh-net 192.168.33.0/24
  154. set security zones security-zone edubuh host-inbound-traffic system-services all
  155. set security zones security-zone edubuh host-inbound-traffic protocols all
  156. set security zones security-zone edubuh interfaces vlan.3
  157. set vlans cbedu vlan-id 33
  158. set vlans cbedu l3-interface vlan.3
  159. set vlans minedu vlan-id 22
  160. set vlans minedu l3-interface vlan.2
  161. set vlans server vlan-id 11
  162. set vlans server l3-interface vlan.1
  163. set vlans vlan-trust vlan-id 3
  164. set vlans vlan-trust l3-interface vlan.0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!