Answer the question
In order to leave comments, you need to log in
Setting up JUNIPER SRX100b and HP v1910 switches?
Good day, there is a problem with configuring juniper srx100b.
The network structure is like this!
there is a juniper srx100b there are two hp 1910V connected like this from as far as I understand
juniper srx100b from port fe-0/0/6 is connected to the first hp v1910 and from port fe-0/0/7 is connected to the second hp v1910 and to zero port-connection provider with a static IP address. It turned out that after the restart, a reset to the factory settings in juniper went on,
this became a global problem for me because I don’t know how to configure juniper
, there are only default.diag and startup.cfg files from the second hp
now I configured like this
system {
root-authentication {
encrypted-password "$1$74IngNLs$b4unocPohajYhqO0T5oW31"; ## SECRET-DATA
}
name-server {
8.8.8.8;
8.8.4.4;
}
services {
ssh {
root-login allow;
protocol-version v2;
}
telnet;
xnm-clear-text;
web-management {
http {
interface vlan.0;
}
https {
system-generated-certificate;
interface vlan.0;
}
}
dhcp {
router {
192.168.1.1;
}
pool 192.168.1.0/24 {
address-range low 192.168.1.2 high 192.168.1.254;
}
propagate-settings fe-0/0/0.0;
}
}
syslog {
archive size 100k files 3;
user * {
any emergency;
}
file messages {
any critical;
authorization info;
}
file interactive-commands {
interactive-commands error;
}
}
max-configurations-on-flash 5;
max-configuration-rollbacks 5;
license {
autoupdate {
url https://ae1.juniper.net/junos/key_retrieval;
}
}
}
interfaces {
fe-0/0/0 {
unit 0;
}
fe-0/0/1 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
fe-0/0/2 {
unit 0 {
description GNC;
family inet {
address ип/маск;
}
}
}
fe-0/0/3 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
fe-0/0/4 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
fe-0/0/5 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
fe-0/0/6 {
vlan-tagging;
unit 30 {
vlan-id 30;
family inet {
address 192.168.6.254/24;
}
}
unit 40 {
vlan-id 40;
family inet {
address 192.168.3.254/24;
}
}
unit 101 {
vlan-id 101;
family inet {
address 192.168.101.254/24;
}
}
unit 102 {
vlan-id 102;
family inet {
address 192.168.102.254/24;
}
}
unit 103 {
vlan-id 103;
family inet {
address 192.168.103.254/24;
}
}
}
fe-0/0/7 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ vlan-trust vlan30 vlan40 vlan101 vlan102 ];
}
}
}
}
vlan {
unit 0 {
family inet {
address 192.168.1.1/24;
}
}
unit 30 {
description "LEVEL 5 -> OFFICE SPACE";
family inet {
address 192.168.6.254/24;
}
}
unit 40 {
description "LEVEL 7 -> ";
family inet {
address 192.168.3.254/24;
}
}
unit 101 {
description "LEVEL 7 -> SERVER HP V1910 MANAGMENT";
family inet {
address 192.168.101.254/24;
}
}
unit 102 {
description "LEVEL 7 -> SERVER HP V1910 2 AP-MANAGMENT";
family inet {
address 192.168.102.254/24;
}
}
unit 103 {
description "LEVEL 7 -> DEFAULT IP";
family inet {
address 192.168.103.254/24;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 {
next-hop ип провайдера;
qualified-next-hop 192.168.6.20;
}
}
}
protocols {
stp;
}
security {
screen {
ids-option untrust-screen {
icmp {
ping-death;
}
ip {
source-route-option;
tear-drop;
}
tcp {
syn-flood {
alarm-threshold 1024;
attack-threshold 200;
source-threshold 1024;
destination-threshold 2048;
timeout 20;
}
land;
}
}
}
nat {
source {
rule-set trust-to-untrust {
from zone trust;
to zone untrust;
rule source-nat-rule {
match {
source-address 0.0.0.0/0;
}
then {
source-nat {
interface;
}
}
}
}
}
}
policies {
from-zone trust to-zone untrust {
policy trust-to-untrust {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
}
zones {
security-zone trust {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
interfaces {
vlan.0;
vlan.30;
vlan.40;
vlan.101;
vlan.103;
fe-0/0/6.30;
fe-0/0/6.40;
fe-0/0/6.101;
fe-0/0/6.103;
vlan.102;
fe-0/0/6.102;
fe-0/0/5.0 {
host-inbound-traffic {
system-services {
dhcp;
ssh;
ping;
http;
}
}
}
}
}
security-zone untrust {
screen untrust-screen;
interfaces {
fe-0/0/0.0 {
host-inbound-traffic {
system-services {
dhcp;
tftp;
}
}
}
fe-0/0/1.0 {
host-inbound-traffic {
system-services {
ping;
ike;
http;
tftp;
}
protocols {
all;
}
}
}
}
}
}
}
vlans {
vlan-trust {
vlan-id 3;
l3-interface vlan.0;
}
vlan101 {
description MANAGMENT;
vlan-id 101;
interface {
fe-0/0/7.0;
}
l3-interface vlan.101;
}
vlan102 {
description "AP MANAGMENT";
vlan-id 102;
interface {
fe-0/0/7.0;
}
l3-interface vlan.102;
}
vlan103 {
description DEFAULT;
vlan-id 103;
l3-interface vlan.103;
}
vlan30 {
description "OFFICE SPACE";
vlan-id 30;
l3-interface vlan.30;
}
vlan40 {
description "OFFICE LAER";
vlan-id 40;
l3-interface vlan.40;
}
}
Answer the question
In order to leave comments, you need to log in
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question