API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 23rd, 2018
133
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 8.64 KB | None | 0 0
raw download clone embed print report
  1. cli                            
  2. configure
  3. set system root-authentication plain-text-password  
  4.                                                     "Назначаю пароль на root"
  5. commit                                                                
  6.  
  7. set system login user bks class super-user authentication plain-text-password
  8.                                                     "Назначаю пароль для админа"
  9. commit
  10.  
  11. set system host-name Access_1
  12. set interfaces me0 unit 0 family inet address 192.168.250.101/24  "Назначаю ip адрес для managment интерфейса"
  13.  
  14.  
  15. delete system service telnet  "Удаляю telnet"
  16.                                               |
  17. set system services ssh                       |
  18. set system services ssh protocol-version v2   | "Настраиваю ssh"
  19. set system services ssh root-login deny       |
  20. set system services ssh connection-limit 10   |
  21. set system services ssh rate-limit 5          |
  22.  
  23.                                                              
  24. set chassis aggregated-devices ethernet device-count 1       |
  25. set interfaces ae0 aggregated-ether-options minimum-links 1  | "Настраиваю агрегацию интерфейсов"
  26. set interfaces ae0 aggregated-ether-options link-speed 10g   |
  27.  
  28. set interfaces ae0 unit 0 family ethernet-switching interface-mode trunk  | "Настраиваю trunk на агрегированном интерфейсе"
  29. set interfaces ae0 unit 0 family ethernet-switching vlan members all      |
  30.  
  31.  
  32. delete interfaces xe-0/1/0 unit 0   | "Удаляю интерфейсы xe-0/1/0.0 и xe-0/1/0.0"
  33. delete interfaces xe-0/1/1 unit 0   |
  34.  
  35. delete protocols rstp interface xe-0/1/0 | "удаляю rstp с интерфейсов xe-0/1/0.0 и xe-0/1/0.0, добавлюя rstp на агрегированном интерфейсе"
  36. delete protocols rstp interface xe-0/1/1 |
  37. set protocols rstp interface ae0         |
  38.  
  39. set interfaces xe-0/1/0 ether-options 802.3ad ae0 | "Добавляю в агрегрированный канал интерфейсы xe-0/1/0.0 и xe-0/1/0.0 "
  40. set interfaces xe-0/1/1 ether-options 802.3ad ae0 |
  41.  
  42. set interfaces ae0 aggregated-ether-options lacp active periodic fast | "Настраиваю свойства агрегированного канала"
  43.  
  44. "Создаю vlan-ы, и настраивая на них dhcp snooping и arp protection"
  45.  
  46. set vlans vlan_20 description “VLAN IT”
  47. set vlans vlan_20 vlan-id 20
  48. edit vlans vlan_20 forwarding-options dhcp-security
  49. set arp-inspection
  50. exit
  51.  
  52. set vlans vlan_21 description “VLAN IT_new”
  53. set vlans vlan_21 vlan-id 21
  54. edit vlans vlan_21 forwarding-options dhcp-security
  55. set arp-inspection
  56. exit
  57.  
  58. set vlans vlan_30 description “VLAN VDI”
  59. set vlans vlan_30 vlan-id 30
  60. edit vlans vlan_30 forwarding-options dhcp-security
  61. set arp-inspection
  62. exit
  63.  
  64. set vlans vlan_31 description “VLAN VDI”
  65. set vlans vlan_31 vlan-id 31
  66. edit vlans vlan_31 forwarding-options dhcp-security
  67. set arp-inspection
  68. exit
  69.  
  70. set vlans vlan_50 description “VLAN Servers”
  71. set vlans vlan_50 vlan-id 50
  72. edit vlans vlan_50 forwarding-options dhcp-security
  73. set arp-inspection
  74. exit
  75.  
  76. set vlans vlan_51 description “VLAN Vm_host”
  77. set vlans vlan_51 vlan-id 51
  78. edit vlans vlan_51 forwarding-options dhcp-security
  79. set arp-inspection
  80. exit
  81.  
  82. set vlans vlan_55 description “VLAN Servers”
  83. set vlans vlan_55 vlan-id 55
  84. edit vlans vlan_55 forwarding-options dhcp-security
  85. set arp-inspection
  86. exit
  87.  
  88. set vlans vlan_60 description “VLAN RD_collections”
  89. set vlans vlan_60 vlan-id 60
  90.  
  91. edit vlans vlan_60 forwarding-options dhcp-security
  92. set arp-inspection
  93. exit
  94.  
  95. set vlans vlan_100 description “VLAN VIP_Users”
  96. set vlans vlan_100 vlan-id 100
  97. edit vlans vlan_100 forwarding-options dhcp-security
  98. set arp-inspection
  99. exit
  100.  
  101. set vlans vlan_102 description “VLAN 2nd_Floor ”
  102. set vlans vlan_102 vlan-id 102
  103. edit vlans vlan_102 forwarding-options dhcp-security
  104. set arp-inspection
  105. exit
  106.  
  107. set vlans vlan_103 description “VLAN 3rd_Floor”
  108. set vlans vlan_103 vlan-id 103
  109. edit vlans vlan_103 forwarding-options dhcp-security
  110. set arp-inspection
  111. exit
  112.  
  113. set vlans vlan_104 description “VLAN 4rd_floor”
  114. set vlans vlan_104 vlan-id 104
  115. edit vlans vlan_104 forwarding-options dhcp-security
  116. set arp-inspection
  117. exit
  118.  
  119. set vlans vlan_120 description “VLAN ip_phone”
  120. set vlans vlan_120 vlan-id 120
  121. edit vlans vlan_120 forwarding-options dhcp-security
  122. set arp-inspection
  123. exit
  124.  
  125. set vlans vlan_150 description “VLAN Kapital”
  126. set vlans vlan_150 vlan-id 150
  127. edit vlans vlan_150 forwarding-options dhcp-security
  128. set arp-inspection
  129. exit
  130.  
  131. set vlans vlan_160 description “VLAN WiFi”
  132. set vlans vlan_160 vlan-id 160
  133. edit vlans vlan_160 forwarding-options dhcp-security
  134. set arp-inspection
  135. exit
  136.  
  137. set vlans vlan_161 description “VLAN Guest_WiFi”
  138. set vlans vlan_161 vlan-id 161
  139. edit vlans vlan_161 forwarding-options dhcp-security
  140. set arp-inspection
  141. exit
  142.  
  143. set vlans vlan_162 description “VLAN VIP”
  144. set vlans vlan_162 vlan-id 162
  145. edit vlans vlan_162 forwarding-options dhcp-security
  146. set arp-inspection
  147. exit
  148.  
  149. set vlans vlan_163 description “VLAN VIP_WiFi”
  150. set vlans vlan_163 vlan-id 163
  151. edit vlans vlan_163 forwarding-options dhcp-security
  152. set arp-inspection
  153. exit
  154.  
  155. set vlans vlan_200 description “VLAN Printers”
  156. set vlans vlan_200 vlan-id 200
  157. edit vlans vlan_200 forwarding-options dhcp-security
  158. set arp-inspection
  159. exit
  160.  
  161. set vlans vlan_10 description “VLAN Managment”
  162. set vlans vlan_10 vlan-id 10
  163. edit vlans vlan_10 forwarding-options dhcp-security
  164. set arp-inspection
  165. exit
  166.  
  167. set interfaces irb unit 10 family inet address 10.1.10.101/24 | "Настраиваю L3 интерфейс Vlan-а для управления"
  168. set vlans LAN l3-interface irb.10                             |
  169.  
  170. set interfaces interface-range VL_104 member-range ge-0/0/0 to ge-0/0/35                        |"Настраиваю диапазон интерфейсов и                                                                                                                                                                
  171. set interfaces interface-range VL_104 unit 0 family ethernet-switching interface-mode access    |настраиваю их как access порты для 104
  172. set interfaces interface-range VL_104 unit 0 family ethernet-switching vlan members vlan_104    |vlan (этажный vlan) "
  173.  
  174. set interfaces interface-range VL_Printers member-range ge-0/0/36 to ge-0/0/41                      |"Настройка диапазона интерфейсов и  
  175. set interfaces interface-range VL_Printers unit 0 family ethernet-switching interface-mode access   |настраиваю их как access порты дляset interfaces interface-range VL_Printers unit 0 family ethernet-switching vlan members vlan_200| 200 vlan (vlan для принтеров) "
  176.  
  177. set interfaces interface-range LANS_PORT member-range ge-0/0/0 to ge-0/0/47 |"Настраиваю диапазон интерфейсов для конечных устройств и
  178. set protocols rstp interface LANS_PORT edge                                 |устанавливаю значение rstp - edge (как portfast cisco)  "
  179.                                                                              
  180.  
  181. set protocols rstp bpdu-block-on-edge                                       | "Указываю, что на портах для конечных устройств
  182.                                                                             необходимо блокировать bpdu"
  183.  
  184. edit forwarding-options                                                     |
  185.  set storm-control-profiles STORM all bandwidth-percentage 10               | "Настраиваю защиту от штормов. Решил сделать процентное
  186. set storm-control-profiles STORM action-shutdown                           |   соотношение - если 10% от общего траффика занимает Так
  187. exit                                                                       | "нехороший" траффик - порт блокируется,  вроде
  188.                                                                            |  рекомендуют некоторые вендоры"
  189.                            
  190.  
  191.  
  192. set interfaces interface-range LANS_PORT unit 0 family ethernet-switching storm-control STORM | "Назначаю профиль защиты от штормов для ранее созданного диапазона портов для конечных устройств"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!