juniper srx240相关配置
1、在配置好相关参数后,可以ping通网站,但是发现网页打开网络很忙,这时候可通过如下方法解决:
set security flow tcp-mss all-tcp mss 1400
2、拨号配置:
set interfaces fe-0/0/2 unit 0 encapsulation ppp-over-ether (封装协议)
set interfaces pp0 unit 0 ppp-options pap default-password "$9$2CoDHQznu01wYiqPQ6/MWLxdw"
set interfaces pp0 unit 0 ppp-options pap local-name "sztanxiaohong@163.gd"
set interfaces pp0 unit 0 ppp-options pap local-password "$9$VSsaGmPT9CpNdZDHmQzrlKMXN"
set interfaces pp0 unit 0 ppp-options pap passive
set interfaces pp0 unit 0 pppoe-options underlying-interface fe-0/0/2.0
set interfaces pp0 unit 0 pppoe-options idle-timeout 0
set interfaces pp0 unit 0 pppoe-options auto-reconnect 1
set interfaces pp0 unit 0 pppoe-options client
set interfaces pp0 unit 0 family inet negotiate-address
set routing-options static route 0.0.0.0/0 next-hop pp0.0
set security zones security-zone untrust interfaces fe-0/0/2.0
set security zones security-zone untrust interfaces pp0.0
3、# juniper srx防火墙status闪红灯
run request system autorecovery state save
4、新增vlan100
set vlans vlan100 vlan-id 100
set vlans vlan100 l3-interface vlan.100
#(定义vlan100虚拟接口并开启3层配置功能)
set interfaces vlan unit 100 family inet address 192.168.100.1/24
#(配置vlan100的IP地址,注:vlan.100可以看作是vlan unit 100)
set security zones security-zone trust interfaces vlan.100
#(将vlan100放入trust区域)
#将子接口加入vlan100
set interface ge-0/0/0/12 unit 0 family ethernet-switching vlan members vlan100
set interface ge-0/0/0/13 unit 0 family ethernet-switching vlan members vlan100
set interface ge-0/0/0/14 unit 0 family ethernet-switching vlan members vlan100
set interface ge-0/0/0/15 unit 0 family ethernet-switching vlan members vlan100
#开通vlan100的DHCP功能
set system services dhcp router 192.168.100.254
set system services dhcp pool 192.168.100.254/24 address-range low 192.168.100.200
set system services dhcp pool 192.168.100.254/24 address-range high 192.168.100.253
#开通trust到trust的策略,确保vlan100和vlan0能相互通讯
set security policies from-zone trust to-zone trust policy trust-to-trust match source-address any
set security policies from-zone trust to-zone trust policy trust-to-trust match destination-address any
set security policies from-zone trust to-zone trust policy trust-to-trust match application any
set security policies from-zone trust to-zone trust policy trust-to-trust then permit
相关文档
- Juniper_SRX防火墙配置手册
- 2019年Juniper_SRX中文配置手册及图解
- Juniper SRX详细配置手册(含注释)
- JuniperSRX防火墙简明配置手册
- Juniper_SRX基本配置手册
- Juniper SRX配置手册
- Juniper SRX配置手册
- Juniper SRX Branch系列防火墙配置管理手册
- Juniper SRX基本配置手册
- Juniper_SRX_配置手册
- Juniper SRX防火墙简明配置手册
- JuniperSRX防火墙配置管理手册
- Juniper_SRX配置手册
- Juniper SRX 防火墙透明模式配置手册
- Juniper SRX路由器命令配置手册
- Juniper SRX防火墙配置手册-命令行模式
- JuniperSRX防火墙简明配置手册
- Juniper SRX防火墙简明配置手册-090721
- junipersrx配置手册
- Juniper_SRX防火墙Web配置手册