Page Comparison

Image RemovedImage Added

https://www.juniper.net/techpubs/en_US/vsrx15.1x49/topics/task/configuration/security-vsrx-cli-configuring.html

3 interfaces:

1- management usually fxp0 ( in this case ge-0/0/2)  192.168.70.21/24

...

3- untrusted zone: ge-0/0/0         1.2.3.21/24

Basic Configuration for management in vSRX1:

set system host-name vsrx1set system services web-management http interface ge-0/0/2.0

#Add the IP@IMgt P@:

set interfaces ge-0/0/0 2 description "to unstrusted zonemanagement"

set interfaces ge-0/0/0 2 gigether-options no-auto-negotiation

set interfaces ge-0/0/0 2 unit 0 family inet address 1192.2168.370.21/24

#Create the management zone:

set security zones functional-zone management interfaces ge-0/0/2.0

set security zones functional-zone management host-inbound-traffic system-services all

set system services web-management http interface ge-0/0/2.0

#Add the IP@:

set interfaces ge-0/0/1 0 description "to trusted unstrusted zone"

set interfaces ge-0/0/1 0 gigether-options no-auto-negotiation

set interfaces ge-0/0/1 0 unit 0 family inet address 111.02.03.21/24

set interfaces ge-0/0/2 1 description "to managementtrusted zone"

set interfaces ge-0/0/2 1 gigether-options no-auto-negotiation

set interfaces ge-0/0/2 1 unit 0 family inet address 19211.1680.700.21/24

#Create the management zone:

set security zones functional-zone management interfaces ge-0/0/2.0

set security zones functional-zone management host-inbound-traffic system-services all

#Add the interface to the trusted zone:

set security zones security-zone trust interfaces ge-0/0/1.0

#Allow ping in the trust zone:

set security zones security-zone trust host-inbound-traffic system-services ping

...

Basic Configuration for management in vSRX2:

root@vsrx2> show configuration | display set

...