API tools faq
paste
Advertisement
demoss

CFG_3

demoss
Feb 25th, 2015
526
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 13.83 KB | None | 0 0
raw download clone embed print report
  1. set version 12.1X45.5
  2. set system host-name godnet
  3. set system time-zone GMT+4
  4. set system authentication-order password
  5. set system root-authentication encrypted-password "$1$VefloaO/$sKiqNrllv5T5n6e.TdXMT0"
  6. set system name-server 10.0.1.254
  7. set system name-server 8.8.8.8
  8. set system name-server 8.8.4.4
  9. set system services ssh
  10. set system services telnet
  11. set system services xnm-clear-text
  12. set system services web-management http interface vlan.1
  13. set system services web-management http interface vlan.2
  14. set system services web-management http interface vlan.3
  15. set system services web-management http interface fxp2.0
  16. set system services web-management http interface lo0.16384
  17. set system services web-management http interface ge-0/0/0.0
  18. set system services web-management http interface ge-0/0/15.0
  19. set system services web-management https system-generated-certificate
  20. set system services dhcp pool 192.168.11.0/24 address-range low 192.168.11.1
  21. set system services dhcp pool 192.168.11.0/24 address-range high 192.168.11.253
  22. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.10
  23. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.11
  24. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.20
  25. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.22
  26. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.30
  27. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.33
  28. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.40
  29. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.44
  30. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.50
  31. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.55
  32. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.60
  33. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.66
  34. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.70
  35. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.77
  36. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.80
  37. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.88
  38. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.90
  39. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.99
  40. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.100
  41. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.110
  42. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.111
  43. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.120
  44. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.122
  45. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.130
  46. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.133
  47. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.140
  48. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.144
  49. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.150
  50. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.155
  51. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.160
  52. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.170
  53. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.180
  54. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.190
  55. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.200
  56. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.210
  57. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.220
  58. set system services dhcp pool 192.168.11.0/24 exclude-address 192.168.11.222
  59. set system services dhcp pool 192.168.11.0/24 maximum-lease-time 86400
  60. set system services dhcp pool 192.168.11.0/24 name-server 10.0.1.254
  61. set system services dhcp pool 192.168.11.0/24 name-server 8.8.8.8
  62. set system services dhcp pool 192.168.11.0/24 wins-server 192.168.11.11
  63. set system services dhcp pool 192.168.11.0/24 router 192.168.11.254
  64. set system services dhcp pool 192.168.11.0/24 propagate-settings vlan.1
  65. set system services dhcp pool 192.168.22.0/24 address-range low 192.168.22.1
  66. set system services dhcp pool 192.168.22.0/24 address-range high 192.168.22.253
  67. set system services dhcp pool 192.168.22.0/24 maximum-lease-time 86400
  68. set system services dhcp pool 192.168.22.0/24 router 192.168.22.254
  69. set system services dhcp pool 192.168.22.0/24 propagate-settings vlan.2
  70. set system services dhcp pool 192.168.33.0/24 address-range low 192.168.33.1
  71. set system services dhcp pool 192.168.33.0/24 address-range high 192.168.33.253
  72. set system services dhcp pool 192.168.33.0/24 maximum-lease-time 86400
  73. set system services dhcp pool 192.168.33.0/24 name-server BBB.BBB.52.252
  74. set system services dhcp pool 192.168.33.0/24 name-server 8.8.8.8
  75. set system services dhcp pool 192.168.33.0/24 router 192.168.33.254
  76. set system services dhcp pool 192.168.33.0/24 propagate-settings vlan.3
  77. set system syslog archive size 100k
  78. set system syslog archive files 3
  79. set system syslog user * any emergency
  80. set system syslog file messages any critical
  81. set system syslog file messages authorization info
  82. set system syslog file interactive-commands interactive-commands error
  83. set system max-configurations-on-flash 5
  84. set system max-configuration-rollbacks 20
  85. set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
  86. set interfaces ge-0/0/0 unit 0 family inet filter input rf158
  87. set interfaces ge-0/0/0 unit 0 family inet address AAA.AAA.246.153/29 arp AAA.AAA.246.154 mac 00:00:00:00:01:54
  88. set interfaces ge-0/0/0 unit 0 family inet address AAA.AAA.246.153/29 arp AAA.AAA.246.154 publish
  89. set interfaces ge-0/0/0 unit 0 family inet address AAA.AAA.246.153/29 arp AAA.AAA.246.155 mac 00:00:00:00:01:55
  90. set interfaces ge-0/0/0 unit 0 family inet address AAA.AAA.246.153/29 arp AAA.AAA.246.155 publish
  91. set interfaces ge-0/0/0 unit 0 family inet address AAA.AAA.246.153/29 arp AAA.AAA.246.156 mac 00:00:00:00:01:56
  92. set interfaces ge-0/0/0 unit 0 family inet address AAA.AAA.246.153/29 arp AAA.AAA.246.156 publish
  93. set interfaces ge-0/0/1 unit 0 family inet address AAA.AAA.242.225/29 arp AAA.AAA.242.226 mac 00:00:00:00:02:26
  94. set interfaces ge-0/0/1 unit 0 family inet address AAA.AAA.242.225/29 arp AAA.AAA.242.226 publish
  95. set interfaces ge-0/0/2 unit 0 family inet address BBB.BBB.50.129/29 arp BBB.BBB.50.130 mac 00:27:0d:a7:4d:21
  96. set interfaces ge-0/0/2 unit 0 family inet address BBB.BBB.50.129/29 arp BBB.BBB.50.130 publish
  97. set interfaces ge-0/0/2 unit 0 family inet address BBB.BBB.50.129/29 arp BBB.BBB.50.131 mac 00:02:63:d8:8f:02
  98. set interfaces ge-0/0/2 unit 0 family inet address BBB.BBB.50.129/29 arp BBB.BBB.50.131 publish
  99. set interfaces ge-0/0/3 unit 0 family ethernet-switching vlan members unset
  100. set interfaces ge-0/0/4 unit 0 family ethernet-switching vlan members server
  101. set interfaces ge-0/0/5 unit 0 family ethernet-switching vlan members minedu
  102. set interfaces ge-0/0/6 unit 0 family ethernet-switching vlan members buhedu
  103. set interfaces ge-0/0/7 unit 0 family ethernet-switching vlan members unset
  104. set interfaces ge-0/0/8 unit 0 family ethernet-switching vlan members unset
  105. set interfaces ge-0/0/9 unit 0 family ethernet-switching vlan members unset
  106. set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members unset
  107. set interfaces ge-0/0/11 unit 0 family ethernet-switching vlan members unset
  108. set interfaces ge-0/0/12 unit 0 family ethernet-switching vlan members unset
  109. set interfaces ge-0/0/13 unit 0 family ethernet-switching vlan members unset
  110. set interfaces ge-0/0/14 unit 0 family ethernet-switching vlan members wifi
  111. set interfaces ge-0/0/15 unit 0 family inet address 192.168.26.237/24
  112. set interfaces vlan unit 0 family inet address 192.168.1.254/24
  113. set interfaces vlan unit 1 family inet address 192.168.11.254/24
  114. set interfaces vlan unit 2 family inet address 192.168.22.254/24
  115. set interfaces vlan unit 3 family inet address 192.168.33.254/24
  116. set interfaces vlan unit 4 family inet address 192.168.44.254/24
  117. set routing-options interface-routes rib-group inet rib158
  118. set routing-options static route 0.0.0.0/0 next-hop AAA.AAA.246.153
  119. set routing-options rib-groups rib158 import-rib inet.0
  120. set routing-options rib-groups rib158 import-rib ri158.inet.0
  121. set protocols stp
  122. set security certificates local remote "r-sys-adm\n "
  123. set security address-book global address srv-ad-1 192.168.11.11/32
  124. set security address-book global address srv-ad-2 192.168.11.22/32
  125. set security address-book global address srv-vmc 192.168.11.88/32
  126. set security address-book global address srv-nod-minedu 192.168.11.99/32
  127. set security address-book global address srv-igor 192.168.11.122/32
  128. set security address-book global address srv-net 192.168.11.0/24
  129. set security address-book global address minedu-net 192.168.22.0/24
  130. set security address-book global address buhedu-net 192.168.33.0/24
  131. set security address-book global address old-net 192.168.26.0/24
  132. set security address-book global address wifi-net 192.168.44.0/24
  133. set security alg dns disable
  134. set security alg ike-esp-nat enable
  135. set security flow allow-dns-reply
  136. set security flow tcp-session no-syn-check
  137. set security nat source pool ip153 address AAA.AAA.246.153/32
  138. set security nat source pool ip154 address AAA.AAA.246.154/32
  139. set security nat source pool ip155 address AAA.AAA.246.155/32
  140. set security nat source pool ip156 address AAA.AAA.246.156/32
  141. set security nat source pool ip225 address AAA.AAA.242.225/32
  142. set security nat source pool ip226 address AAA.AAA.242.226/32
  143. set security nat source pool ip129 address BBB.BBB.50.129/32
  144. set security nat source pool ip130 address BBB.BBB.50.130/32
  145. set security nat source pool ip131 address BBB.BBB.50.131/32
  146. set security nat source rule-set srv11-to-153 from zone server
  147. set security nat source rule-set srv11-to-153 to zone isp1
  148. set security nat source rule-set srv11-to-153 rule rule1 match source-address 192.168.26.11/32
  149. set security nat source rule-set srv11-to-153 rule rule1 match source-address 192.168.26.88/32
  150. set security nat source rule-set srv11-to-153 rule rule1 match destination-address 0.0.0.0/0
  151. set security nat source rule-set srv11-to-153 rule rule1 then source-nat pool ip153
  152. set security policies from-zone server to-zone isp1 policy srv-to-isp1 match source-address srv-net
  153. set security policies from-zone server to-zone isp1 policy srv-to-isp1 match destination-address any
  154. set security policies from-zone server to-zone isp1 policy srv-to-isp1 match application any
  155. set security policies from-zone server to-zone isp1 policy srv-to-isp1 then permit
  156. set security zones security-zone isp1 interfaces ge-0/0/0.0 host-inbound-traffic system-services ssh
  157. set security zones security-zone isp1 interfaces ge-0/0/0.0 host-inbound-traffic system-services ping
  158. set security zones security-zone isp1 interfaces ge-0/0/0.0 host-inbound-traffic system-services https
  159. set security zones security-zone isp1 interfaces ge-0/0/0.0 host-inbound-traffic system-services http
  160. set security zones security-zone isp1 interfaces ge-0/0/0.0 host-inbound-traffic system-services dns
  161. set security zones security-zone isp2 interfaces ge-0/0/1.0 host-inbound-traffic system-services ssh
  162. set security zones security-zone isp2 interfaces ge-0/0/1.0 host-inbound-traffic system-services ping
  163. set security zones security-zone isp2 interfaces ge-0/0/1.0 host-inbound-traffic system-services https
  164. set security zones security-zone isp2 interfaces ge-0/0/1.0 host-inbound-traffic system-services http
  165. set security zones security-zone isp2 interfaces ge-0/0/1.0 host-inbound-traffic system-services dns
  166. set security zones security-zone isp3 interfaces ge-0/0/2.0 host-inbound-traffic system-services ssh
  167. set security zones security-zone isp3 interfaces ge-0/0/2.0 host-inbound-traffic system-services ping
  168. set security zones security-zone isp3 interfaces ge-0/0/2.0 host-inbound-traffic system-services https
  169. set security zones security-zone isp3 interfaces ge-0/0/2.0 host-inbound-traffic system-services http
  170. set security zones security-zone isp3 interfaces ge-0/0/2.0 host-inbound-traffic system-services dns
  171. set security zones security-zone server interfaces vlan.1 host-inbound-traffic system-services all
  172. set security zones security-zone minedu interfaces vlan.2 host-inbound-traffic system-services all
  173. set security zones security-zone buhedu interfaces vlan.3 host-inbound-traffic system-services all
  174. set security zones security-zone wifi interfaces vlan.4 host-inbound-traffic system-services all
  175. set security zones security-zone oldnet host-inbound-traffic system-services all
  176. set security zones security-zone oldnet host-inbound-traffic protocols all
  177. set security zones security-zone oldnet interfaces ge-0/0/15.0 host-inbound-traffic system-services all
  178. set security zones security-zone oldnet interfaces ge-0/0/15.0 host-inbound-traffic system-services dhcp except
  179. set security zones security-zone oldnet interfaces ge-0/0/15.0 host-inbound-traffic system-services dns except
  180. set security zones security-zone oldnet interfaces ge-0/0/15.0 host-inbound-traffic protocols all
  181. set firewall filter rf158 term tr158-1 from source-address 0.0.0.0/0
  182. set firewall filter rf158 term tr158-1 then routing-instance ri158
  183. set routing-instances ri158 instance-type forwarding
  184. set routing-instances ri158 routing-options static route 0.0.0.0/0 next-hop AAA.AAA.246.158
  185. set applications application rdp protocol tcp
  186. set applications application rdp destination-port 3389
  187. set vlans buhedu vlan-id 33
  188. set vlans buhedu l3-interface vlan.3
  189. set vlans minedu vlan-id 22
  190. set vlans minedu l3-interface vlan.2
  191. set vlans server vlan-id 11
  192. set vlans server l3-interface vlan.1
  193. set vlans unset vlan-id 2
  194. set vlans unset l3-interface vlan.0
  195. set vlans wifi vlan-id 4
  196. set vlans wifi l3-interface vlan.4
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!