admin# set interfaces ge-0/0/0 unit 0 family inet address address/prefix-length
admin# set interfaces ge-0/0/1 unit 0 family inet address address/prefix-length
NOTE: The ge-0/0/0 interface is for the LAN, and the ge-0/0/1 interface
is for the ISP.
12. Configure the default route.
[edit]
admin# set routing-options static route 0.0.0.0/0 next-hop gateway
13. Configure basic security zones and bind them to traffic interfaces.
[edit]
admin# set security zones security-zone untrust interfaces ge-0/0/0
admin# set security zones security-zone trust interfaces ge-0/0/1
14. Configure basic security policies.
[edit]
admin# set security policies from-zone trust to-zone untrust policy policy-name match
source-address any destination-address any application any
admin# set security policies from-zone trust to-zone untrust policy policy-name then permit
admin# set security policies from-zone untrust to-zone trust policy policy-name match
source-address any destination-address any application any
admin# set security policies from-zone untrust to-zone trust policy policy-name then permit
NOTE: The actual configuration of the policies depends on your
requirements.
15. Check the configuration for validity.
[edit]
admin# commit check
configuration check succeeds
16. Commit the configuration to activate it on the services gateway.
[edit]
Copyright © 2017, Juniper Networks, Inc.80
SRX1500 Services Gateway Hardware Guide
To Next Page
Loading...
