EasyManua.ls Logo

Juniper NFX250 - Page 200

Juniper NFX250
230 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
root@ipsec-nm# set security ipsec vpn VPN1 traffic-selector VPN1_TS1 remote-ip
41.0.1.0/24
root@ipsec-nm# set security ipsec vpn VPN1 establish-tunnels immediately
10. Configure security flow:
[edit security]
root@ipsec-nm# set security flow tcp-mss all-tcp mss 1300
11. Configure security policies:
[edit security]
root@ipsec-nm# set security policies default-policy permit-all
12. Configure security zones:
[edit security]
root@ipsec-nm# set security zones security-zone trust host-inbound-traffic
system-services all
root@ipsec-nm# set security zones security-zone trust host-inbound-traffic protocols
all
root@ipsec-nm# set security zones security-zone trust interfaces ge-0/0/0.0
root@ipsec-nm# set security zones security-zone untrust host-inbound-traffic
system-services all
root@ipsec-nm# set security zones security-zone untrust host-inbound-traffic
protocols all
root@ipsec-nm# set security zones security-zone untrust interfaces ge-0/0/1.0
13. Configure interfaces for IPSec-NM:
[edit]
root@ipsec-nm# set interfaces ge-0/0/0 unit 0 vlan-id 100
root@ipsec-nm# set interfaces ge-0/0/0 unit 0 family inet address 3.3.3.2/24
root@ipsec-nm# set interfaces ge-0/0/0 unit 0 family inet6 address 3000::1/64
root@ipsec-nm# set interfaces ge-0/0/0 vlan-tagging
root@ipsec-nm# set interfaces ge-0/0/1 unit 0 vlan-id 4088
root@ipsec-nm# set interfaces ge-0/0/1 unit 0 family inet address 51.0.1.1/24
root@ipsec-nm# set interfaces ge-0/0/1 unit 0 family inet6 address 5000::1/64
root@ipsec-nm# set interfaces ge-0/0/1 vlan-tagging
14. Configure routing options:
[edit]
root@ipsec-nm# set routing-options static route 2.2.2.0/24 next-hop 21.1.1.2
Results From configuration mode, confirm your configuration by entering the show interfaces,
show security ike, and show security ipsec commands. If the output does not display the
intended configuration, repeat the instructions in this example to correct the configuration.
[edit]
root@ipsec-nm# show security ike
traceoptions {
file kmd;
Copyright © 2017, Juniper Networks, Inc.182
JDM User Guide for NFX250 Network Services Platform

Table of Contents

Other manuals for Juniper NFX250

Preview: Quick Start
Quick Start9 pages
Preview: Quick Start Guide
Quick Start Guide7 pages

Related product manuals