Router Context Configuration Settings

The following configuration settings are defined for router context:

All transit traffic security checks are disabled.
The default policy allows all transit traffic, and all interfaces are bound to the “trust” zone.
Protocol-aware checks for TCP are not performed.
IPv6 traffic is forwarded.
Application Layer Gateway (ALG) processing is not performed.

Configuration values are defined as follows in the jsr-series-routermode-factory.conf configuration file:

system {syslog {file messages { any any;}}services { telnet;ssh; web-management { http { interface [ ge-0/0/0.0 ]; }}}}interfaces { ge-0/0/0 { unit 0 { family inet { address 192.168.1.1/24;}}}}security { flow {allow-dns-reply;tcp-session { no-syn-check;no-syn-check-in-tunnel;no-sequence-check;}}forwarding-options {family {iso {mode flow-based;}inet6 { mode packet-based;}}}policies { default-policy {permit-all;}}zones { security-zone trust {tcp-rst; host-inbound-traffic {system-services {any-service;}protocols {all;}}interfaces { all;}}}alg { dns disable;ftp disable;h323 disable;mgcp disable; real disable;rsh disable; rtsp disable;sccp disable;sip disable;sql disable;talk disable;tftp disable;pptp disable;msrpc disable;sunrpc disable;}}