API tools faq
paste
gosoft

SRXconfig

gosoft
Mar 29th, 2024
162
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 22.89 KB | None | 0 0
raw download clone embed print report
  1. set version 12.3X48-D105.4
  2. set system host-name FW01
  3. set system domain-name domain.cz
  4. set system time-zone Europe/Prague
  5. set system name-server 193.17.47.1
  6. set system name-server 185.43.135.1
  7. set system services ssh
  8. set system services xnm-clear-text
  9. set system services dns dns-proxy cache server.domain.cz inet 10.0.1.4
  10. set system services web-management http
  11. set system services web-management https system-generated-certificate
  12. set system services web-management https interface ae1.1100
  13. set system services dhcp name-server 193.17.47.1
  14. set system services dhcp name-server 185.43.135.1
  15. set system services dhcp pool 10.0.0.0/28 address-range low 10.0.0.4
  16. set system services dhcp pool 10.0.0.0/28 address-range high 10.0.0.14
  17. set system services dhcp pool 10.0.0.0/28 exclude-address 10.0.0.4
  18. set system services dhcp pool 10.0.0.0/28 router 10.0.0.1
  19. set system services dhcp pool 10.0.4.0/23 address-range low 10.0.4.51
  20. set system services dhcp pool 10.0.4.0/23 address-range high 10.0.5.254
  21. set system services dhcp pool 10.0.4.0/23 router 10.0.4.1
  22. set system services dhcp pool 10.0.6.0/24 address-range low 10.0.6.11
  23. set system services dhcp pool 10.0.6.0/24 address-range high 10.0.6.254
  24. set system services dhcp pool 10.0.6.0/24 router 10.0.6.1
  25. set system services dhcp pool 10.0.7.0/26 address-range low 10.0.7.2
  26. set system services dhcp pool 10.0.7.0/26 address-range high 10.0.7.62
  27. set system services dhcp pool 10.0.7.0/26 router 10.0.7.1
  28. set system services dhcp static-binding f0:de:f1:8a:05:be fixed-address 10.0.0.10
  29. set system services dhcp static-binding f0:de:f1:8a:05:be host-name W520_LAN
  30. set system services dhcp static-binding c4:ad:34:ff:07:d6 fixed-address 10.0.0.6
  31. set system services dhcp static-binding c4:ad:34:ff:07:d6 host-name AP01_Po1.1100
  32. set system services dhcp static-binding d4:ca:6d:07:37:b0 fixed-address 10.0.0.7
  33. set system services dhcp static-binding d4:ca:6d:07:37:b0 host-name AP02_Eth1.1100
  34. set system syslog archive size 64m
  35. set system syslog archive files 3
  36. set system syslog user * any emergency
  37. set system syslog file messages any error
  38. set system syslog file messages authorization info
  39. set system syslog file interactive-commands interactive-commands error
  40. set system syslog file traffic-log any any
  41. set system syslog file traffic-log match RT_FLOW_SESSION
  42. set system max-configurations-on-flash 5
  43. set system max-configuration-rollbacks 5
  44. set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
  45. set system ntp server 195.113.144.201
  46. set system ntp server 195.113.144.238
  47. set chassis aggregated-devices ethernet device-count 3
  48. set security log mode event
  49. set security screen ids-option untrust-screen icmp ping-death
  50. set security screen ids-option untrust-screen ip source-route-option
  51. set security screen ids-option untrust-screen ip tear-drop
  52. set security screen ids-option untrust-screen tcp syn-flood alarm-threshold 1024
  53. set security screen ids-option untrust-screen tcp syn-flood attack-threshold 200
  54. set security screen ids-option untrust-screen tcp syn-flood source-threshold 1024
  55. set security screen ids-option untrust-screen tcp syn-flood destination-threshold 2048
  56. set security screen ids-option untrust-screen tcp syn-flood timeout 20
  57. set security screen ids-option untrust-screen tcp land
  58. set security nat source rule-set SNAT_DMZ_to_INET description "Source NAT for DMZ to Internet via Egress interface IP"
  59. set security nat source rule-set SNAT_DMZ_to_INET from zone DMZ
  60. set security nat source rule-set SNAT_DMZ_to_INET to zone untrust
  61. set security nat source rule-set SNAT_DMZ_to_INET rule SNAT_DMZ_to_INET description "Source NAT for DMZ to Internet via Egress interface IP"
  62. set security nat source rule-set SNAT_DMZ_to_INET rule SNAT_DMZ_to_INET match source-address 0.0.0.0/0
  63. set security nat source rule-set SNAT_DMZ_to_INET rule SNAT_DMZ_to_INET match destination-address 0.0.0.0/0
  64. set security nat source rule-set SNAT_DMZ_to_INET rule SNAT_DMZ_to_INET then source-nat interface
  65. set security nat source rule-set SNAT_Trust_to_INET description "Source NAT for Trust to Internet via Egress interface IP"
  66. set security nat source rule-set SNAT_Trust_to_INET from zone trust
  67. set security nat source rule-set SNAT_Trust_to_INET to zone untrust
  68. set security nat source rule-set SNAT_Trust_to_INET rule SNAT_Trust_to_INET description "Source NAT for Trust to Internet via Egress interface IP"
  69. set security nat source rule-set SNAT_Trust_to_INET rule SNAT_Trust_to_INET match source-address 0.0.0.0/0
  70. set security nat source rule-set SNAT_Trust_to_INET rule SNAT_Trust_to_INET match destination-address 0.0.0.0/0
  71. set security nat source rule-set SNAT_Trust_to_INET rule SNAT_Trust_to_INET then source-nat interface
  72. set security nat destination pool SERVER01_HTTP description "SERVER01 HTTP"
  73. set security nat destination pool SERVER01_HTTP routing-instance default
  74. set security nat destination pool SERVER01_HTTP address 10.0.1.4/32
  75. set security nat destination pool SERVER01_HTTP address port 80
  76. set security nat destination pool SERVER01_HTTPS description "SERVER01 HTTPS"
  77. set security nat destination pool SERVER01_HTTPS address 10.0.1.4/32
  78. set security nat destination pool SERVER01_HTTPS address port 443
  79. set security nat destination pool SERVER01_Torrent description SERVER01_Torrent
  80. set security nat destination pool SERVER01_Torrent routing-instance default
  81. set security nat destination pool SERVER01_Torrent address 10.0.1.4/32
  82. set security nat destination pool SERVER01_Torrent address port 9091
  83. set security nat destination pool SERVER01_Minecraft description SERVER01_Minecraft
  84. set security nat destination pool SERVER01_Minecraft routing-instance default
  85. set security nat destination pool SERVER01_Minecraft address 10.0.1.4/32
  86. set security nat destination pool SERVER01_Minecraft address port 25565
  87. set security nat destination pool SERVER01_Dynmap description SERVER01_Dynmap
  88. set security nat destination pool SERVER01_Dynmap routing-instance default
  89. set security nat destination pool SERVER01_Dynmap address 10.0.1.4/32
  90. set security nat destination pool SERVER01_Dynmap address port 8123
  91. set security nat destination rule-set SERVER01 description "Port forwardings (DNAT) for SERVER01"
  92. set security nat destination rule-set SERVER01 from zone untrust
  93. set security nat destination rule-set SERVER01 rule SERVER01_HTTP description "HTTP port forwarding to SERVER01"
  94. set security nat destination rule-set SERVER01 rule SERVER01_HTTP match source-address 0.0.0.0/0
  95. set security nat destination rule-set SERVER01 rule SERVER01_HTTP match destination-address 0.0.0.0/0
  96. set security nat destination rule-set SERVER01 rule SERVER01_HTTP match destination-port 80
  97. set security nat destination rule-set SERVER01 rule SERVER01_HTTP match protocol tcp
  98. set security nat destination rule-set SERVER01 rule SERVER01_HTTP then destination-nat pool SERVER01_HTTP
  99. set security nat destination rule-set SERVER01 rule SERVER01_HTTPS description "HTTPS port forwarding to SERVER01"
  100. set security nat destination rule-set SERVER01 rule SERVER01_HTTPS match source-address 0.0.0.0/0
  101. set security nat destination rule-set SERVER01 rule SERVER01_HTTPS match destination-address 0.0.0.0/0
  102. set security nat destination rule-set SERVER01 rule SERVER01_HTTPS match destination-port 443
  103. set security nat destination rule-set SERVER01 rule SERVER01_HTTPS match protocol tcp
  104. set security nat destination rule-set SERVER01 rule SERVER01_HTTPS then destination-nat pool SERVER01_HTTPS
  105. set security nat destination rule-set SERVER01 rule SERVER01_Minecraft description "Minecraft port forwarding to SERVER01"
  106. set security nat destination rule-set SERVER01 rule SERVER01_Minecraft match source-address 0.0.0.0/0
  107. set security nat destination rule-set SERVER01 rule SERVER01_Minecraft match destination-address 0.0.0.0/0
  108. set security nat destination rule-set SERVER01 rule SERVER01_Minecraft match destination-port 25565
  109. set security nat destination rule-set SERVER01 rule SERVER01_Minecraft match protocol tcp
  110. set security nat destination rule-set SERVER01 rule SERVER01_Minecraft then destination-nat pool SERVER01_Minecraft
  111. set security nat destination rule-set SERVER01 rule SERVER01_Torrent description "Torrent port forwarding to SERVER01"
  112. set security nat destination rule-set SERVER01 rule SERVER01_Torrent match source-address 0.0.0.0/0
  113. set security nat destination rule-set SERVER01 rule SERVER01_Torrent match destination-address 0.0.0.0/0
  114. set security nat destination rule-set SERVER01 rule SERVER01_Torrent match destination-port 9091
  115. set security nat destination rule-set SERVER01 rule SERVER01_Torrent match protocol tcp
  116. set security nat destination rule-set SERVER01 rule SERVER01_Torrent then destination-nat pool SERVER01_Torrent
  117. set security nat destination rule-set SERVER01 rule SERVER01_Dynmap description "Dynmap port forwarding to SERVER01"
  118. set security nat destination rule-set SERVER01 rule SERVER01_Dynmap match source-address 0.0.0.0/0
  119. set security nat destination rule-set SERVER01 rule SERVER01_Dynmap match destination-address 0.0.0.0/0
  120. set security nat destination rule-set SERVER01 rule SERVER01_Dynmap match destination-port 8123
  121. set security nat destination rule-set SERVER01 rule SERVER01_Dynmap match protocol tcp
  122. set security nat destination rule-set SERVER01 rule SERVER01_Dynmap then destination-nat pool SERVER01_Dynmap
  123. set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
  124. set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
  125. set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
  126. set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit
  127. set security policies from-zone trust to-zone untrust policy trust-to-untrust then log session-close
  128. set security policies from-zone trust to-zone untrust policy trust-to-untrust then count
  129. set security policies from-zone trust to-zone trust policy Access_to_Mgmt description "Allowing access from LAN to Management"
  130. set security policies from-zone trust to-zone trust policy Access_to_Mgmt match source-address LAN1_10.0.4.0/23
  131. set security policies from-zone trust to-zone trust policy Access_to_Mgmt match destination-address MGMT_10.0.0.0/28
  132. set security policies from-zone trust to-zone trust policy Access_to_Mgmt match application junos-ssh
  133. set security policies from-zone trust to-zone trust policy Access_to_Mgmt match application junos-http
  134. set security policies from-zone trust to-zone trust policy Access_to_Mgmt match application junos-https
  135. set security policies from-zone trust to-zone trust policy Access_to_Mgmt then permit
  136. set security policies from-zone trust to-zone trust policy Access_to_Mgmt then log session-close
  137. set security policies from-zone trust to-zone trust policy Access_to_Mgmt then count
  138. set security policies from-zone trust to-zone trust policy Trust_to_WiFI_Guest description "All Trust networks access to Wifi Guest"
  139. set security policies from-zone trust to-zone trust policy Trust_to_WiFI_Guest match source-address LAN1_10.0.4.0/23
  140. set security policies from-zone trust to-zone trust policy Trust_to_WiFI_Guest match source-address WIFI1_10.0.6.0/24
  141. set security policies from-zone trust to-zone trust policy Trust_to_WiFI_Guest match destination-address WIFI2_GUEST_10.0.7.0/26
  142. set security policies from-zone trust to-zone trust policy Trust_to_WiFI_Guest match application any
  143. set security policies from-zone trust to-zone trust policy Trust_to_WiFI_Guest then permit
  144. set security policies from-zone trust to-zone trust policy Trust_to_WiFI_Guest then log session-close
  145. set security policies from-zone trust to-zone trust policy Trust_to_WiFI_Guest then count
  146. set security policies from-zone trust to-zone DMZ policy Trust_to_SERVER01 description "Access from Trust to SERVER01"
  147. set security policies from-zone trust to-zone DMZ policy Trust_to_SERVER01 match source-address LAN1_10.0.4.0/23
  148. set security policies from-zone trust to-zone DMZ policy Trust_to_SERVER01 match source-address WIFI1_10.0.6.0/24
  149. set security policies from-zone trust to-zone DMZ policy Trust_to_SERVER01 match destination-address host_10.0.1.4_SERVER01
  150. set security policies from-zone trust to-zone DMZ policy Trust_to_SERVER01 match application junos-ssh
  151. set security policies from-zone trust to-zone DMZ policy Trust_to_SERVER01 match application junos-https
  152. set security policies from-zone trust to-zone DMZ policy Trust_to_SERVER01 then permit
  153. set security policies from-zone trust to-zone DMZ policy Trust_to_SERVER01 then log session-close
  154. set security policies from-zone trust to-zone DMZ policy Trust_to_SERVER01 then count
  155. set security policies from-zone trust to-zone DMZ policy Wifi_Guet_To_NextCloud description "Access from WiFi Guest to Nextcloud"
  156. set security policies from-zone trust to-zone DMZ policy Wifi_Guet_To_NextCloud match source-address WIFI2_GUEST_10.0.7.0/26
  157. set security policies from-zone trust to-zone DMZ policy Wifi_Guet_To_NextCloud match destination-address host_10.0.1.4_SERVER01
  158. set security policies from-zone trust to-zone DMZ policy Wifi_Guet_To_NextCloud match application junos-https
  159. set security policies from-zone trust to-zone DMZ policy Wifi_Guet_To_NextCloud then permit
  160. set security policies from-zone trust to-zone DMZ policy Wifi_Guet_To_NextCloud then log session-close
  161. set security policies from-zone trust to-zone DMZ policy Wifi_Guet_To_NextCloud then count
  162. set security policies from-zone DMZ to-zone untrust policy DMZ_to_Internet description "Access from DMZ to Internet"
  163. set security policies from-zone DMZ to-zone untrust policy DMZ_to_Internet match source-address DMZ1_10.0.1.0/29
  164. set security policies from-zone DMZ to-zone untrust policy DMZ_to_Internet match source-address DMZ2_10.0.1.8/29
  165. set security policies from-zone DMZ to-zone untrust policy DMZ_to_Internet match destination-address any
  166. set security policies from-zone DMZ to-zone untrust policy DMZ_to_Internet match application junos-http
  167. set security policies from-zone DMZ to-zone untrust policy DMZ_to_Internet match application junos-https
  168. set security policies from-zone DMZ to-zone untrust policy DMZ_to_Internet match application Torrent
  169. set security policies from-zone DMZ to-zone untrust policy DMZ_to_Internet then permit
  170. set security policies from-zone DMZ to-zone untrust policy DMZ_to_Internet then log session-close
  171. set security policies from-zone DMZ to-zone untrust policy DMZ_to_Internet then count
  172. set security policies from-zone untrust to-zone DMZ policy Nextcloud description "Access to Nextcloud server."
  173. set security policies from-zone untrust to-zone DMZ policy Nextcloud match source-address any
  174. set security policies from-zone untrust to-zone DMZ policy Nextcloud match destination-address host_10.0.1.4_SERVER01
  175. set security policies from-zone untrust to-zone DMZ policy Nextcloud match application junos-http
  176. set security policies from-zone untrust to-zone DMZ policy Nextcloud match application junos-https
  177. set security policies from-zone untrust to-zone DMZ policy Nextcloud then permit
  178. set security policies from-zone untrust to-zone DMZ policy Nextcloud then log session-close
  179. set security policies from-zone untrust to-zone DMZ policy Nextcloud then count
  180. set security policies from-zone untrust to-zone DMZ policy Torrent description "Access to Torrent server"
  181. set security policies from-zone untrust to-zone DMZ policy Torrent match source-address any
  182. set security policies from-zone untrust to-zone DMZ policy Torrent match destination-address host_10.0.1.4_SERVER01
  183. set security policies from-zone untrust to-zone DMZ policy Torrent match application Torrent
  184. set security policies from-zone untrust to-zone DMZ policy Torrent then permit
  185. set security policies from-zone untrust to-zone DMZ policy Torrent then log session-close
  186. set security policies from-zone untrust to-zone DMZ policy Torrent then count
  187. set security policies from-zone untrust to-zone DMZ policy Minecraft description "Access to Minecraft server"
  188. set security policies from-zone untrust to-zone DMZ policy Minecraft match source-address any
  189. set security policies from-zone untrust to-zone DMZ policy Minecraft match destination-address host_10.0.1.4_SERVER01
  190. set security policies from-zone untrust to-zone DMZ policy Minecraft match application Minecraft
  191. set security policies from-zone untrust to-zone DMZ policy Minecraft then permit
  192. set security policies from-zone untrust to-zone DMZ policy Minecraft then log session-close
  193. set security policies from-zone untrust to-zone DMZ policy Minecraft then count
  194. set security policies from-zone untrust to-zone DMZ policy Dynmap description "Access to Minecradt Dynmap"
  195. set security policies from-zone untrust to-zone DMZ policy Dynmap match source-address any
  196. set security policies from-zone untrust to-zone DMZ policy Dynmap match destination-address host_10.0.1.4_SERVER01
  197. set security policies from-zone untrust to-zone DMZ policy Dynmap match application Dynmap
  198. set security policies from-zone untrust to-zone DMZ policy Dynmap then permit
  199. set security policies from-zone untrust to-zone DMZ policy Dynmap then log session-close
  200. set security policies from-zone untrust to-zone DMZ policy Dynmap then count
  201. set security policies default-policy deny-all
  202. set security zones security-zone trust description "Internal networks"
  203. set security zones security-zone trust address-book address LAN1_10.0.4.0/23 10.0.4.0/23
  204. set security zones security-zone trust address-book address MGMT_10.0.0.0/28 10.0.0.0/28
  205. set security zones security-zone trust address-book address WIFI1_10.0.6.0/24 10.0.6.0/24
  206. set security zones security-zone trust address-book address WIFI2_GUEST_10.0.7.0/26 10.0.7.0/26
  207. set security zones security-zone trust host-inbound-traffic system-services all
  208. set security zones security-zone trust interfaces ae1.1200
  209. set security zones security-zone trust interfaces ae1.1100
  210. set security zones security-zone trust interfaces ae1.1300
  211. set security zones security-zone trust interfaces ae1.1400
  212. set security zones security-zone untrust description Internet
  213. set security zones security-zone untrust screen untrust-screen
  214. set security zones security-zone untrust interfaces pp0.0
  215. set security zones security-zone untrust interfaces ge-0/0/7.848
  216. set security zones security-zone DMZ description DMZ
  217. set security zones security-zone DMZ address-book address DMZ1_10.0.1.0/29 10.0.1.0/29
  218. set security zones security-zone DMZ address-book address DMZ2_10.0.1.8/29 10.0.1.8/29
  219. set security zones security-zone DMZ address-book address host_10.0.1.4_SERVER01 10.0.1.4/32
  220. set security zones security-zone DMZ address-book address host_10.0.1.12_RB01 10.0.1.12/32
  221. set security zones security-zone DMZ host-inbound-traffic system-services ping
  222. set security zones security-zone DMZ host-inbound-traffic system-services dns
  223. set security zones security-zone DMZ host-inbound-traffic system-services dhcp
  224. set security zones security-zone DMZ interfaces ae2.100
  225. set security zones security-zone DMZ interfaces ae2.200
  226. set interfaces ge-0/0/0 description "SW01_Gi1/0/41 (Po1); ae1 member"
  227. set interfaces ge-0/0/0 gigether-options 802.3ad ae1
  228. set interfaces ge-0/0/1 description "SW01_Gi1/0/42 (Po1); ae1 member"
  229. set interfaces ge-0/0/1 gigether-options 802.3ad ae1
  230. set interfaces ge-0/0/2 description "SW01_Gi1/0/43 (Po1); ae1 member"
  231. set interfaces ge-0/0/2 gigether-options 802.3ad ae1
  232. set interfaces ge-0/0/3 description "SW01_Gi1/0/44 (Po1); ae1 member"
  233. set interfaces ge-0/0/3 gigether-options 802.3ad ae1
  234. set interfaces ge-0/0/4 description "SW01_Gi1/0/45 (Po2); ae2 member"
  235. set interfaces ge-0/0/4 gigether-options 802.3ad ae2
  236. set interfaces ge-0/0/5 description "SW01_Gi1/0/46 (Po2); ae2 member"
  237. set interfaces ge-0/0/5 gigether-options 802.3ad ae2
  238. set interfaces ge-0/0/6 description "SW01_Gi1/0/47 (Po2); ae2 member"
  239. set interfaces ge-0/0/6 gigether-options 802.3ad ae2
  240. set interfaces ge-0/0/7 description "INTERNET via SW01_Gi1/0/48"
  241. set interfaces ge-0/0/7 vlan-tagging
  242. set interfaces ge-0/0/7 unit 848 description INTERNET
  243. set interfaces ge-0/0/7 unit 848 encapsulation ppp-over-ether
  244. set interfaces ge-0/0/7 unit 848 vlan-id 848
  245. set interfaces ae1 description "SW01_Po1; INSIDE"
  246. set interfaces ae1 vlan-tagging
  247. set interfaces ae1 aggregated-ether-options link-speed 1g
  248. set interfaces ae1 aggregated-ether-options lacp active
  249. set interfaces ae1 unit 1100 description WIFI_MGMT_10.0.0.0/28
  250. set interfaces ae1 unit 1100 vlan-id 1100
  251. set interfaces ae1 unit 1100 family inet address 10.0.0.1/28
  252. set interfaces ae1 unit 1200 description LAN1_10.0.4.0/23
  253. set interfaces ae1 unit 1200 vlan-id 1200
  254. set interfaces ae1 unit 1200 family inet address 10.0.4.1/23
  255. set interfaces ae1 unit 1300 description WIFI1_10.0.6.0/24
  256. set interfaces ae1 unit 1300 vlan-id 1300
  257. set interfaces ae1 unit 1300 family inet address 10.0.6.1/24
  258. set interfaces ae1 unit 1400 description WIFI2_GUEST_10.0.7.0/26
  259. set interfaces ae1 unit 1400 vlan-id 1400
  260. set interfaces ae1 unit 1400 family inet address 10.0.7.1/26
  261. set interfaces ae2 description "SW01_Po2; OUTSIDE"
  262. set interfaces ae2 vlan-tagging
  263. set interfaces ae2 aggregated-ether-options link-speed 1g
  264. set interfaces ae2 aggregated-ether-options lacp active
  265. set interfaces ae2 unit 100 description DMZ1_10.0.1.0/29
  266. set interfaces ae2 unit 100 vlan-id 100
  267. set interfaces ae2 unit 100 family inet address 10.0.1.1/29
  268. set interfaces ae2 unit 200 description DMZ2_10.0.1.8/29
  269. set interfaces ae2 unit 200 vlan-id 200
  270. set interfaces ae2 unit 200 family inet address 10.0.1.9/29
  271. set interfaces pp0 unit 0 ppp-options pap local-name O2
  272. set interfaces pp0 unit 0 ppp-options pap no-rfc2486
  273. set interfaces pp0 unit 0 ppp-options pap local-password "******"
  274. set interfaces pp0 unit 0 ppp-options pap passive
  275. set interfaces pp0 unit 0 pppoe-options underlying-interface ge-0/0/7.848
  276. set interfaces pp0 unit 0 pppoe-options idle-timeout 0
  277. set interfaces pp0 unit 0 pppoe-options auto-reconnect 10
  278. set interfaces pp0 unit 0 pppoe-options client
  279. set interfaces pp0 unit 0 family inet mtu 1492
  280. set interfaces pp0 unit 0 family inet negotiate-address
  281. set routing-options static route 0.0.0.0/0 next-hop pp0.0
  282. set routing-options static route 0.0.0.0/0 qualified-next-hop pp0.1
  283. set routing-options static route 0.0.0.0/0 metric 0
  284. set protocols lldp interface all
  285. set protocols stp
  286. set applications application Minecraft protocol tcp
  287. set applications application Minecraft destination-port 25565
  288. set applications application Minecraft description "Minecraft server"
  289. set applications application Dynmap protocol tcp
  290. set applications application Dynmap destination-port 8123
  291. set applications application Dynmap description "Dynmap for Minecraft"
  292. set applications application Torrent protocol tcp
  293. set applications application Torrent destination-port 9091
  294. set applications application Torrent description "Torrent server"
  295. set vlans DMZ1_10.0.2.0_m29 vlan-id 100
  296. set vlans DMZ2_10.0.2.8_m29 vlan-id 200
  297. set vlans INTERNET vlan-id 848
  298. set vlans LAN1_10.0.4.0_m23 vlan-id 1200
  299. set vlans MGMT_10.0.0.0_m24 vlan-id 1100
  300. set vlans WIFI1_10.0.6.0_m24 vlan-id 1300
  301. set vlans WIFI2_GUEST_10.0.7.0_m27 vlan-id 1400
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!