SRX340默认配置文件 - 上海忆通广达信息技术有限公司

SRX340默认配置参考文件，以SET命令格式呈现，如需复制请使用CTRL+C
set system name-server 208.67.222.222
set system name-server 208.67.220.220
set system services ssh
set system services telnet
set system services xnm-clear-text
set system services web-management http interface fxp0.0
set system services web-management http interface ge-0/0/1.0
set system services web-management http interface ge-0/0/2.0
set system services web-management http interface ge-0/0/3.0
set system services web-management http interface ge-0/0/4.0
set system services web-management http interface ge-0/0/5.0
set system services web-management http interface ge-0/0/6.0
set system services web-management http interface ge-0/0/7.0
set system services web-management http interface ge-0/0/0.0
set system services web-management https system-generated-certificate
set system services web-management https interface fxp0.0
set system services web-management https interface ge-0/0/1.0
set system services web-management https interface ge-0/0/2.0
set system services web-management https interface ge-0/0/3.0
set system services web-management https interface ge-0/0/4.0
set system services web-management https interface ge-0/0/5.0
set system services web-management https interface ge-0/0/6.0
set system services web-management https interface ge-0/0/7.0
set system services dhcp pool 192.168.2.0/24 address-range low 192.168.2.2
set system services dhcp pool 192.168.2.0/24 address-range high 192.168.2.254
set system services dhcp pool 192.168.2.0/24 router 192.168.2.1
set system services dhcp pool 192.168.2.0/24 propagate-settings ge-0/0/0.0
set system services dhcp pool 192.168.3.0/24 address-range low 192.168.3.2
set system services dhcp pool 192.168.3.0/24 address-range high 192.168.3.254
set system services dhcp pool 192.168.3.0/24 router 192.168.3.1
set system services dhcp pool 192.168.3.0/24 propagate-settings ge-0/0/0.0
set system services dhcp pool 192.168.4.0/24 address-range low 192.168.4.2
set system services dhcp pool 192.168.4.0/24 address-range high 192.168.4.254
set system services dhcp pool 192.168.4.0/24 router 192.168.4.1
set system services dhcp pool 192.168.4.0/24 propagate-settings ge-0/0/0.0
set system services dhcp pool 192.168.5.0/24 address-range low 192.168.5.2
set system services dhcp pool 192.168.5.0/24 address-range high 192.168.5.254
set system services dhcp pool 192.168.5.0/24 router 192.168.5.1
set system services dhcp pool 192.168.5.0/24 propagate-settings ge-0/0/0.0
set system services dhcp pool 192.168.6.0/24 address-range low 192.168.6.2
set system services dhcp pool 192.168.6.0/24 address-range high 192.168.6.254
set system services dhcp pool 192.168.6.0/24 router 192.168.6.1
set system services dhcp pool 192.168.6.0/24 propagate-settings ge-0/0/0.0
set system services dhcp pool 192.168.7.0/24 address-range low 192.168.7.2
set system services dhcp pool 192.168.7.0/24 address-range high 192.168.7.254
set system services dhcp pool 192.168.7.0/24 router 192.168.7.1
set system services dhcp pool 192.168.7.0/24 propagate-settings ge-0/0/0.0
set system services dhcp pool 192.168.8.0/24 address-range low 192.168.8.2
set system services dhcp pool 192.168.8.0/24 address-range high 192.168.8.254
set system services dhcp pool 192.168.8.0/24 router 192.168.8.1
set system services dhcp pool 192.168.8.0/24 propagate-settings ge-0/0/0.0
set system syslog archive size 100k
set system syslog archive files 3
set system syslog user * any emergency
set system syslog file messages any critical
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands error
set system max-configurations-on-flash 5
set system max-configuration-rollbacks 5
set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
set security screen ids-option untrust-screen icmp ping-death
set security screen ids-option untrust-screen ip source-route-option
set security screen ids-option untrust-screen ip tear-drop
set security screen ids-option untrust-screen tcp syn-flood alarm-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood attack-threshold 200
set security screen ids-option untrust-screen tcp syn-flood source-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood destination-threshold 2048
set security screen ids-option untrust-screen tcp syn-flood timeout 20
set security screen ids-option untrust-screen tcp land
set security nat source rule-set trust-to-untrust from zone trust
set security nat source rule-set trust-to-untrust to zone untrust
set security nat source rule-set trust-to-untrust rule source-nat-rule match source-address 0.0.0.0/0
set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface
set security policies from-zone trust to-zone trust policy trust-to-trust match source-address any
set security policies from-zone trust to-zone trust policy trust-to-trust match destination-address any
set security policies from-zone trust to-zone trust policy trust-to-trust match application any
set security policies from-zone trust to-zone trust policy trust-to-trust then permit
set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit
set security zones security-zone trust host-inbound-traffic system-services all
set security zones security-zone trust host-inbound-traffic protocols all
set security zones security-zone trust interfaces ge-0/0/1.0
set security zones security-zone trust interfaces ge-0/0/2.0
set security zones security-zone trust interfaces ge-0/0/3.0
set security zones security-zone trust interfaces ge-0/0/4.0
set security zones security-zone trust interfaces ge-0/0/5.0
set security zones security-zone trust interfaces ge-0/0/6.0
set security zones security-zone trust interfaces ge-0/0/7.0
set security zones security-zone untrust screen untrust-screen
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services dhcp
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services tftp
set interfaces ge-0/0/0 unit 0
set interfaces ge-0/0/1 unit 0 family inet address 192.168.2.1/24
set interfaces ge-0/0/2 unit 0 family inet address 192.168.3.1/24
set interfaces ge-0/0/3 unit 0 family inet address 192.168.4.1/24
set interfaces ge-0/0/4 unit 0 family inet address 192.168.5.1/24
set interfaces ge-0/0/5 unit 0 family inet address 192.168.6.1/24
set interfaces ge-0/0/6 unit 0 family inet address 192.168.7.1/24
set interfaces ge-0/0/7 unit 0 family inet address 192.168.8.1/24
set interfaces ge-0/0/8 unit 0
set interfaces ge-0/0/9 unit 0
set interfaces ge-0/0/10 unit 0
set interfaces ge-0/0/11 unit 0
set interfaces ge-0/0/12 unit 0
set interfaces ge-0/0/13 unit 0
set interfaces ge-0/0/14 unit 0
set interfaces ge-0/0/15 unit 0
set interfaces fxp0 unit 0 family inet address 192.168.1.1/24
本文为“EETONG-忆通广达”版权所有丨如未注明，均为原创，转载请注明转自：

相关文章
