-
JUNIPER
双机热备配置
unset key protection enable
set clock timezone 0
set
vrouter trust-vr sharable
set vrouter
"untrust-vr"
exit
set vrouter "trust-vr"
unset auto-route-export
exit
set alg appleichat enable
unset alg appleichat re-assembly enable
set alg sctp enable
set
auth-server "Local" id 0
set
auth-server "Local" server-name
"Local"
set auth default auth
server "Local"
set auth
radius accounting port 1646
set admin
name "netscreen"
set admin
password
"nM9dBJrVGrCEc3RGssLAgHAtesLken"
set admin auth web timeout 10
set admin auth server "Local"
set admin format dos
set
zone "Trust" vrouter "trust-
vr"
set zone "Untrust"
vrouter "trust-vr"
set zone
"DMZ" vrouter "trust-vr"
set zone "VLAN" vrouter
"trust-vr"
set zone
"Untrust-Tun" vrouter "trust-
vr"
set zone "Trust"
tcp-rst
set zone
"Untrust" block
unset zone "Untrust" tcp-rst
set zone "MGT"
block
unset zone
"V1-Trust" tcp-rst
unset zone "V1-Untrust" tcp-
rst
set zone
"DMZ" tcp-rst
unset zone "V1-DMZ" tcp-rst
unset zone "VLAN"
tcp-rst
set zone
"Trust" screen icmp-flood
set
zone "Trust" screen udp-flood
set zone "Trust" screen
winnuke
set zone "Trust"
screen port-scan
set zone
"Trust" screen ip-sweep
set
zone "Trust" screen tear-drop
set zone "Trust" screen syn-
flood
set zone "Trust" screen
ip-spoofing
set zone "Trust"
screen ping-death
set zone
"Trust" screen land
set zone
"Trust" screen icmp-fragment
set zone "Trust" screen icmp-
large
set zone "Trust" screen
syn-ack-ack-proxy
set zone
"Trust" screen icmp-id
set
zone "Trust" screen tcp-sweep
set zone "Trust" screen udp-
sweep
set zone "Untrust"
screen icmp-flood
set zone
"Untrust" screen udp-flood
set zone "Untrust" screen
tear-drop
set zone "Untrust"
screen syn-flood
set zone
"Untrust" screen ping-death
set zone "Untrust" screen ip-
filter-src
set zone "Untrust"
screen land
set zone
"V1-Untrust" screen tear-drop
set zone "V1-Untrust" screen
syn-flood
set zone
"V1-Untrust" screen ping-death
set zone "V1-Untrust" screen
ip-filter-src
set zone
"V1-Untrust" screen land
set
interface id 80 "redundant1" zone
"Untrust"
set interface
"ethernet0/0" zone "MGT"
set interface "ethernet0/1"
zone "Trust"
set interface
"ethernet0/2" zone "Trust"
set interface "ethernet0/8"
zone "HA"
set interface
"ethernet0/9" zone "HA"
set interface ethernet0/3 group
redundant1
set interface ethernet0/0 ip
192.168.1.1/24
set interface
ethernet0/0 nat
unset interface vlan1
ip
set interface ethernet0/1 ip
10.31.0.9/29
set interface ethernet0/1
nat
set interface ethernet0/2 ip
10.31.0.25/29
set interface ethernet0/2
nat
set interface redundant1 ip
10.31.0.4/29
set interface redundant1
route
unset interface vlan1 bypass-
others-ipsec
unset interface vlan1
bypass-non-ip
set interface redundant1
manage-ip 10.31.0.5
set interface
ethernet0/1 ip manageable
set interface
ethernet0/2 ip manageable
-
-
-
-
-
-
-
-
-
上一篇:心血管科常用英文缩写
下一篇:文言文名篇观潮翻译及解析