Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- set vlans v100-INTERNAL1 vlan-id 100
- set vlans v101-INTERNAL2 vlan-id 101
- set vlans v102-EXTERNAL vlan-id 102
- set interfaces fe-0/0/0 unit 0 family ethernet-switching vlan-members v100-INTERNAL1
- set interfaces fe-0/0/1 unit 0 family ethernet-switching vlan-members v101-INTERNAL2
- set interfaces fe-0/0/2 unit 0 family ethernet-switching vlan-members v102-EXTERNAL
- set interfaces vlan unit 100 family inet address 192.168.100.1/24
- set interfaces vlan unit 101 family inet address 192.168.101.1/24
- set interfaces vlan unit 102 family inet address 192.168.102.1/24
- set vlans v100-INTERNAL1 l3-interface vlan.100
- set vlans v101-INTERNAL2 l3-interface vlan.101
- set vlans v102-EXTERNAL l3-interface vlan.102
- set routing-options static route 0.0.0.0/0 next-hop 192.168.102.254
- set security zones security-zone INTERNAL host-inbound-traffic system-services all
- set security zones security-zone EXTERNAL host-inbound-traffic ping
- set security zones security-zone EXTERNAL interfaces vlan.102
- set security zones security-zone INTERNAL interfaces vlan.100
- set security zones security-zone INTERNAL interfaces vlan.101
- set security policies from-zone INTERNAL to-zone EXTERNAL policy PERMIT-OUTBOUND match source-address any destination-address any application any
- set security policies from-zone INTERNAL to-zone EXTERNAL policy PERMIT-OUTBOUND then permit
- set security policies from-zone INTERNAL to-zone INTERNAL policy PERMIT-INTERNAL match source-address any destination-address any application any
- set security policies from-zone INTERNAL to-zone INTERNAL policy PERMIT-INTERNAL then permit
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
