In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-03-26 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)05/31 Report--
It is believed that many inexperienced people have no idea about how to analyze the ex2200 configuration and simple commands of juniper switch. therefore, this paper summarizes the causes and solutions of the problem. I hope you can solve this problem through this article.
Qnqy-dpf-jrex2200-0,000show | display set
Set version 12.3R11.2
Set system host-name qnqy-dpf-jrex2200-01
Set system time-zone Asia/Shanghai
Set system root-authentication encrypted-password "$1 $7RMyTyeG$tLGAToBggMFhcOw85Ts.EP/"
Set system login user admin uid 2000
Set system login user admin class super-user
Set system login user admin authentication encrypted-password "$1 $m5Fp3PtY$cenAvv5Yq6VKsAlA317C2E/"
Set system services ftp
Set system services ssh
Set system services telnet
Set system services web-management https system-generated-certificate
Set system services web-management https interface all
Set system syslog user * any emergency
Set system syslog file messages any notice
Set system syslog file messages authorization info
Set system syslog file interactive-commands interactive-commands any
Set system ntp boot-server 192.168.16.45
Set system ntp server 192.168.16.45
Set chassis alarm management-ethernet link-down ignore
Set chassis auto-image-upgrade
Set interfaces interface-range allport member-range ge-0/0/0 to ge-0/0/20
Set interfaces interface-range allport unit 0 family ethernet-switching port-mode access
Set interfaces interface-range allport unit 0 family ethernet-switching vlan members vlan_54
Set interfaces interface-range allport unit 0 family ethernet-switching filter input 54
Deactivate interfaces interface-range allport unit 0 family ethernet-switching filter
Set interfaces ge-0/0/0 unit 0 family ethernet-switching
Set interfaces ge-0/0/1 unit 0 family ethernet-switching
Set interfaces ge-0/0/2 unit 0 family ethernet-switching
Set interfaces ge-0/0/3 unit 0 family ethernet-switching
Set interfaces ge-0/0/4 unit 0 family ethernet-switching
Set interfaces ge-0/0/5 unit 0 family ethernet-switching
Set interfaces ge-0/0/6 unit 0 family ethernet-switching
Set interfaces ge-0/0/7 unit 0 family ethernet-switching
Set interfaces ge-0/0/8 unit 0 family ethernet-switching
Set interfaces ge-0/0/9 unit 0 family ethernet-switching
Set interfaces ge-0/0/10 unit 0 family ethernet-switching
Set interfaces ge-0/0/11 unit 0 family ethernet-switching
Set interfaces ge-0/0/12 unit 0 family ethernet-switching
Set interfaces ge-0/0/13 unit 0 family ethernet-switching
Set interfaces ge-0/0/14 unit 0 family ethernet-switching
Set interfaces ge-0/0/15 unit 0 family ethernet-switching
Set interfaces ge-0/0/16 unit 0 family ethernet-switching
Set interfaces ge-0/0/17 unit 0 family ethernet-switching
Set interfaces ge-0/0/18 unit 0 family ethernet-switching
Set interfaces ge-0/0/19 unit 0 family ethernet-switching
Set interfaces ge-0/0/20 unit 0 family ethernet-switching
Set interfaces ge-0/0/21 unit 0 family ethernet-switching port-mode access
Set interfaces ge-0/0/21 unit 0 family ethernet-switching vlan members 917
Set interfaces ge-0/0/22 unit 0 family ethernet-switching port-mode access
Set interfaces ge-0/0/22 unit 0 family ethernet-switching vlan members vlan_54
Set interfaces ge-0/0/23 unit 0 family ethernet-switching port-mode trunk
Set interfaces ge-0/0/23 unit 0 family ethernet-switching vlan members all
Set interfaces ge-0/1/0 unit 0 family ethernet-switching port-mode trunk
Set interfaces ge-0/1/0 unit 0 family ethernet-switching vlan members all
Set interfaces ge-0/1/2 unit 0 family ethernet-switching
Set interfaces ge-0/1/3 unit 0 family ethernet-switching
Set interfaces vlan unit 0
Set interfaces vlan unit 502 family inet address 192.168.13.171/24
Set snmp community public authorization read-only
Set routing-options static route 0.0.0.0/0 next-hop 192.168.13.254
Set protocols igmp-snooping vlan all
Set protocols rstp bridge-priority 60k
Set protocols rstp interface allport edge
Set protocols vstp vlan vlan_502
Set protocols vstp vlan vlan_54
Set protocols lldp interface all
Set protocols lldp-med interface all
Set firewall family inet filter RE_Filter term 1 from source-address 192.168.16.0/24
Set firewall family inet filter RE_Filter term 1 from protocol tcp
Set firewall family inet filter RE_Filter term 1 from destination-port telnet
Set firewall family inet filter RE_Filter term 1 from destination-port ssh
Set firewall family inet filter RE_Filter term 1 from destination-port http
Set firewall family inet filter RE_Filter term 1 from destination-port ftp
Set firewall family inet filter RE_Filter term 1 from destination-port https
Set firewall family inet filter RE_Filter term 1 then accept
Set firewall family inet filter RE_Filter term 2 from protocol tcp
Set firewall family inet filter RE_Filter term 2 from destination-port telnet
Set firewall family inet filter RE_Filter term 2 from destination-port ssh
Set firewall family inet filter RE_Filter term 2 from destination-port http
Set firewall family inet filter RE_Filter term 2 from destination-port ftp
Set firewall family inet filter RE_Filter term 2 from destination-port https
Set firewall family inet filter RE_Filter term 2 then discard
Set firewall family inet filter RE_Filter term icmp from source-address 192.168.16.0/24
Set firewall family inet filter RE_Filter term icmp from protocol icmp
Set firewall family inet filter RE_Filter term icmp then accept
Set firewall family inet filter RE_Filter term icmp-other from protocol icmp
Set firewall family inet filter RE_Filter term icmp-other then discard
Set firewall family inet filter RE_Filter term NTP from source-address 192.168.16.45/32
Set firewall family inet filter RE_Filter term NTP from protocol tcp
Set firewall family inet filter RE_Filter term NTP from protocol udp
Set firewall family inet filter RE_Filter term NTP from source-port ntp
Set firewall family inet filter RE_Filter term NTP-Other from protocol tcp
Set firewall family inet filter RE_Filter term NTP-Other from protocol udp
Set firewall family inet filter RE_Filter term NTP-Other from source-port ntp
Set firewall family inet filter RE_Filter term NTP-Other then discard
Set firewall family inet filter RE_Filter term Other then accept
Set firewall family ethernet-switching filter 54 term 1 from protocol udp
Set firewall family ethernet-switching filter 54 term 1 from destination-port 1434
Set firewall family ethernet-switching filter 54 term 1 from destination-port 1433
Set firewall family ethernet-switching filter 54 term 1 from destination-port netbios-ns
Set firewall family ethernet-switching filter 54 term 1 from destination-port netbios-dgm
Set firewall family ethernet-switching filter 54 term 1 from destination-port 139
Set firewall family ethernet-switching filter 54 term 1 from destination-port netbios-ssn
Set firewall family ethernet-switching filter 54 term 1 then discard
Set firewall family ethernet-switching filter 54 term 2 from protocol tcp
Set firewall family ethernet-switching filter 54 term 2 from destination-port 135
Set firewall family ethernet-switching filter 54 term 2 from destination-port 139
Set firewall family ethernet-switching filter 54 term 2 from destination-port 445
Set firewall family ethernet-switching filter 54 term 2 then discard
Set firewall family ethernet-switching filter 54 term Other-Permit then accept
Set ethernet-switching-options secure-access-port interface ge-0/0/23.0 dhcp-trusted
Set ethernet-switching-options secure-access-port interface ge-0/1/0.0 dhcp-trusted
Set ethernet-switching-options secure-access-port interface allport mac-limit 10
Set ethernet-switching-options secure-access-port interface allport mac-limit action shutdown
Set ethernet-switching-options secure-access-port interface allport vlan 54 mac-limit 10
Set ethernet-switching-options secure-access-port interface allport vlan 54 mac-limit action drop
Set ethernet-switching-options secure-access-port interface allport no-dhcp-trusted
Set ethernet-switching-options secure-access-port vlan vlan_54 arp-inspection
Set ethernet-switching-options secure-access-port vlan vlan_54 examine-dhcp
Set ethernet-switching-options secure-access-port vlan vlan_54 ip-source-guard
Set ethernet-switching-options port-error-disable disable-timeout 600
Set ethernet-switching-options storm-control interface all
Set ethernet-switching-options bpdu-block interface allport
Set vlans default l3-interface vlan.0
Set vlans vlan917 vlan-id 917
Set vlans vlan_502 vlan-id 502
Set vlans vlan_502 l3-interface vlan.502
Set vlans vlan_506 vlan-id 506
Set vlans vlan_54 vlan-id 54
Set vlans vlan_924 description guanli-vlan
Set vlans vlan_924 vlan-id 924
Simple command
Login: root
Password:
Enter cli; config;show | disp set for viewing and configuration after login
Root@qnqy-dpf-jrex2200-01Reed 0% cli
{master:0}
Root@qnqy-dpf-jrex2200-01 > configure
Entering configuration mode
{master:0} [edit]
Root@qnqy-dpf-jrex2200-0,000show | display set
Set version 12.3R11.2
Set system host-name qnqy-dpf-jrex2200-01
Set system time-zone Asia/Shanghai
Set system root-authentication encrypted-password ""
Set system login user admin uid 2000
Set system login user admin class super-user
Set system login user admin
.
Set ge0/0/0 from vlan809 to vlan917
Root@qnqy-dpf-jrex2200-01#et interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode access
{master:0} [edit]
Root@qnqy-dpf-jrex2200-0 delete interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members 809
{master:0} [edit]
Root@qnqy-dpf-jrex2200-0mm set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members 917
If you want to delete a vlan, you should first clear the port it belongs to, and then delete it. After all the changes, you have to submit the commit before it takes effect.
Configuration check succeeds
Commit complete
Configure the management address, interface vlan. To enter port mode, set the vlan502 interface management address 192.168.13.171
Root@qnqy-dpf-jrex2200-0mm edit interfaces
{master:0} [edit interfaces]
Root@qnqy-dpf-jrex2200-01#set vlan unit 502 family inet address 192.168.13.171 Universe 24
Top returns to globally bind the vlan layer 3 interface
Root@qnqy-dpf-jrex2200-01#set vlans vlan_502 l3-interface vlan.502
Restart
Root > request system reboot
View serial number and optical port hardware information
Root > show chassis hardware
Ping command
Root > ping 192.168.127.254
Check alarm information and temperature
Root > show chassis alarms
Root > show chassis environment
After reading the above, have you mastered how to analyze the ex2200 configuration and simple commands of juniper switches? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
