API tools faq
paste
Advertisement
Guest User

CE01

a guest
Sep 19th, 2017
909
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.32 KB | None | 0 0
raw download clone embed print report
  1. root@CE01# show | display set
  2. set version 15.1X49-D100.6
  3. set system host-name CE01
  4. set system domain-name testlab.com
  5. set system root-authentication encrypted-password "$5$yraL0low$jG5N9cjWvB3TTxjtXfJBR.klfrxpzVaNEoy9UROkJu1"
  6. set system login user the-packet-thrower uid 2000
  7. set system login user the-packet-thrower class super-user
  8. set system login user the-packet-thrower authentication encrypted-password "$5$Usz/ClKp$tOPBJe47yg9I12GiMgEp9MRpyLVkd6BQhn.QryfMzc8"
  9. set system services ssh
  10. set system services web-management http interface fxp0.0
  11. set system syslog user * any emergency
  12. set system syslog file messages any any
  13. set system syslog file messages authorization info
  14. set system syslog file interactive-commands interactive-commands any
  15. set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
  16. set security log mode stream
  17. set security log report
  18. set security policies from-zone MGMT to-zone MGMT policy default-permit match source-address any
  19. set security policies from-zone MGMT to-zone MGMT policy default-permit match destination-address any
  20. set security policies from-zone MGMT to-zone MGMT policy default-permit match application any
  21. set security policies from-zone MGMT to-zone MGMT policy default-permit then permit
  22. set security policies from-zone trust to-zone trust policy default-permit match source-address any
  23. set security policies from-zone trust to-zone trust policy default-permit match destination-address any
  24. set security policies from-zone trust to-zone trust policy default-permit match application any
  25. set security policies from-zone trust to-zone trust policy default-permit then permit
  26. set security policies from-zone trust to-zone untrust policy default-permit match source-address any
  27. set security policies from-zone trust to-zone untrust policy default-permit match destination-address any
  28. set security policies from-zone trust to-zone untrust policy default-permit match application any
  29. set security policies from-zone trust to-zone untrust policy default-permit then permit
  30. set security zones security-zone MGMT tcp-rst
  31. set security zones security-zone MGMT host-inbound-traffic system-services all
  32. set security zones security-zone MGMT host-inbound-traffic protocols all
  33. set security zones security-zone MGMT interfaces ge-0/0/0.0
  34. set security zones security-zone trust tcp-rst
  35. set security zones security-zone trust host-inbound-traffic system-services all
  36. set security zones security-zone trust host-inbound-traffic protocols all
  37. set security zones security-zone trust interfaces ge-0/0/1.0
  38. set security zones security-zone trust interfaces ge-0/0/2.0
  39. set security zones security-zone untrust
  40. set interfaces ge-0/0/0 unit 0 family inet address 10.20.2.215/24
  41. set interfaces ge-0/0/1 unit 0 family inet address 192.168.1.1/24
  42. set interfaces ge-0/0/2 unit 0 family inet address 172.16.11.1/24
  43. set interfaces ge-0/0/2 unit 0 family inet address 172.16.12.1/24
  44. set interfaces ge-0/0/2 unit 0 family inet address 172.16.13.1/24
  45. set interfaces ge-0/0/2 unit 0 family inet address 172.16.14.1/24
  46. set interfaces fxp0 unit 0
  47. set interfaces lo0 unit 0 family inet address 192.168.254.1/32
  48. set routing-options autonomous-system 65101
  49. set protocols bgp group CUST-A type external
  50. set protocols bgp group CUST-A export EXPORT-BGP
  51. set protocols bgp group CUST-A peer-as 65123
  52. set protocols bgp group CUST-A neighbor 192.168.1.254
  53. set policy-options policy-statement EXPORT-BGP from protocol direct
  54. set policy-options policy-statement EXPORT-BGP then accept
  55. set policy-options policy-statement EXPORT-RIP from protocol direct
  56. set policy-options policy-statement EXPORT-RIP then accept
  57. set policy-options policy-statement IMPORT-BGP then accept
  58. set routing-instances MGMT instance-type virtual-router
  59. set routing-instances MGMT interface ge-0/0/0.0
  60. set routing-instances MGMT routing-options static route 0.0.0.0/0 next-hop 10.20.2.1
  61.  
  62. [edit]
  63. root@CE01# show
  64. ## Last changed: 2017-09-19 07:41:00 UTC
  65. version 15.1X49-D100.6;
  66. system {
  67. host-name CE01;
  68. domain-name testlab.com;
  69. root-authentication {
  70. encrypted-password "$5$yraL0low$jG5N9cjWvB3TTxjtXfJBR.klfrxpzVaNEoy9UROkJu1"; ## SECRET-DATA
  71. }
  72. login {
  73. user the-packet-thrower {
  74. uid 2000;
  75. class super-user;
  76. authentication {
  77. encrypted-password "$5$Usz/ClKp$tOPBJe47yg9I12GiMgEp9MRpyLVkd6BQhn.QryfMzc8"; ## SECRET-DATA
  78. }
  79. }
  80. }
  81. services {
  82. ssh;
  83. web-management {
  84. http {
  85. interface fxp0.0;
  86. }
  87. }
  88. }
  89. syslog {
  90. user * {
  91. any emergency;
  92. }
  93. file messages {
  94. any any;
  95. authorization info;
  96. }
  97. file interactive-commands {
  98. interactive-commands any;
  99. }
  100. }
  101. license {
  102. autoupdate {
  103. url https://ae1.juniper.net/junos/key_retrieval;
  104. }
  105. }
  106. }
  107. security {
  108. log {
  109. mode stream;
  110. report;
  111. }
  112. policies {
  113. from-zone MGMT to-zone MGMT {
  114. policy default-permit {
  115. match {
  116. source-address any;
  117. destination-address any;
  118. application any;
  119. }
  120. then {
  121. permit;
  122. }
  123. }
  124. }
  125. from-zone trust to-zone trust {
  126. policy default-permit {
  127. match {
  128. source-address any;
  129. destination-address any;
  130. application any;
  131. }
  132. then {
  133. permit;
  134. }
  135. }
  136. }
  137. from-zone trust to-zone untrust {
  138. policy default-permit {
  139. match {
  140. source-address any;
  141. destination-address any;
  142. application any;
  143. }
  144. then {
  145. permit;
  146. }
  147. }
  148. }
  149. }
  150. zones {
  151. security-zone MGMT {
  152. tcp-rst;
  153. host-inbound-traffic {
  154. system-services {
  155. all;
  156. }
  157. protocols {
  158. all;
  159. }
  160. }
  161. interfaces {
  162. ge-0/0/0.0;
  163. }
  164. }
  165. security-zone trust {
  166. tcp-rst;
  167. host-inbound-traffic {
  168. system-services {
  169. all;
  170. }
  171. protocols {
  172. all;
  173. }
  174. }
  175. interfaces {
  176. ge-0/0/1.0;
  177. ge-0/0/2.0;
  178. }
  179. }
  180. security-zone untrust;
  181. }
  182. }
  183. interfaces {
  184. ge-0/0/0 {
  185. unit 0 {
  186. family inet {
  187. address 10.20.2.215/24;
  188. }
  189. }
  190. }
  191. ge-0/0/1 {
  192. unit 0 {
  193. family inet {
  194. address 192.168.1.1/24;
  195. }
  196. }
  197. }
  198. ge-0/0/2 {
  199. unit 0 {
  200. family inet {
  201. address 172.16.11.1/24;
  202. address 172.16.12.1/24;
  203. address 172.16.13.1/24;
  204. address 172.16.14.1/24;
  205. }
  206. }
  207. }
  208. fxp0 {
  209. unit 0;
  210. }
  211. lo0 {
  212. unit 0 {
  213. family inet {
  214. address 192.168.254.1/32;
  215. }
  216. }
  217. }
  218. }
  219. routing-options {
  220. autonomous-system 65101;
  221. }
  222. protocols {
  223. bgp {
  224. group CUST-A {
  225. type external;
  226. export EXPORT-BGP;
  227. peer-as 65123;
  228. neighbor 192.168.1.254;
  229. }
  230. }
  231. }
  232. policy-options {
  233. policy-statement EXPORT-BGP {
  234. from protocol direct;
  235. then accept;
  236. }
  237. policy-statement EXPORT-RIP {
  238. from protocol direct;
  239. then accept;
  240. }
  241. policy-statement IMPORT-BGP {
  242. then accept;
  243. }
  244. }
  245. routing-instances {
  246. MGMT {
  247. instance-type virtual-router;
  248. interface ge-0/0/0.0;
  249. routing-options {
  250. static {
  251. route 0.0.0.0/0 next-hop 10.20.2.1;
  252. }
  253. }
  254. }
  255. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!