Difference between revisions of "SRX notes"
From cpwiki.net
| (3 intermediate revisions by one user not shown) | |||
| Line 1: | Line 1: | ||
junos  SRX notes  | junos  SRX notes  | ||
| + | |||
| + | show interface IPs  | ||
| + |  > show interfaces terse | match inet  | ||
show rule / policy  | show rule / policy  | ||
| Line 21: | Line 24: | ||
       node0                   200         secondary      no       no     |        node0                   200         secondary      no       no     | ||
       node1                   100         primary        no       no  |        node1                   100         primary        no       no  | ||
| − | |||
| − | |||
| − | |||
add proxy arp  | add proxy arp  | ||
| Line 30: | Line 30: | ||
start unix shell  | start unix shell  | ||
  > start shell user root    |   > start shell user root    | ||
| + | |||
| + | example new rule (in progress)  | ||
| + | |||
| + | match > permit > insert  | ||
| + | |||
| + | ==VM download==  | ||
| + | |||
| + | [https://webdownload.juniper.net/swdl/dl/secure/site/1/record/117212.html?pf=vSRX%20EVAL https://webdownload.juniper.net/swdl/dl/secure/site/1/record/117212.html?pf=vSRX%20EVAL]  | ||
[[category:juniper]]  | [[category:juniper]]  | ||
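Review bot: the added "example new rule (in progress)" entry holds only "match > permit > insert", which names the steps but gives no command a reader can type, unlike every other entry on the page. Either finish it with the policy statements in the same from-zone/to-zone form used under "show rule / policy", or hold it back until it is complete. The added VM download link also repeats the URL as its own label, so a bare URL would do.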
Latest revision as of 14:28, 20 June 2024
junos SRX notes
show interface IPs
> show interfaces terse | match inet
show rule / policy
# show security policies from-zone trust to-zone untrust policy <policy_name>
search address book for pre-defined objects
# show security zones security-zone untrust address-book | match "192.168.1.1"
monitoring traffic example
> monitor traffic matching "host 10.0.0.1" no-resolve interface reth0
show cluster status
 root@SRXfw> show chassis cluster status 
 Cluster ID: 1 
 Node                  Priority          Status    Preempt  Manual failover
 Redundancy group: 0 , Failover count: 0
     node0                   200         primary        no       no  
     node1                   100         secondary      no       no  
 Redundancy group: 1 , Failover count: 3
     node0                   200         secondary      no       no  
     node1                   100         primary        no       no
add proxy arp
# set security nat proxy-arp interface reth0 address 192.168.1.1
start unix shell
> start shell user root
example new rule (in progress)
match > permit > insert
VM download
https://webdownload.juniper.net/swdl/dl/secure/site/1/record/117212.html?pf=vSRX%20EVAL