Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    SRX240 Factory Default Settings

    The following output displays the factory default configuration of an SRX240 Services Gateway:

    root@ngs-vd# show 
    ## Last changed: 2015-02-19 11:29:28 UTC
    version 12.1X44-D46;
    system {
        autoinstallation {
            delete-upon-commit; ## Deletes [system autoinstallation] upon change/commit
            traceoptions {
                level verbose;
                flag {
                    all;
                }
            }
            interfaces {
                ge-0/0/0 {
                    bootp;
                }
            }
        }
        name-server {
            208.67.222.222;
            208.67.220.220;
        }
        services {
            ssh;                            
            telnet;
            xnm-clear-text;
            web-management {
                http {
                    interface vlan.0;
                }
                https {
                    system-generated-certificate;
                    interface vlan.0;
                }
            }
            dhcp {
                router {
                    192.168.1.1;
                }
                pool 192.168.1.0/24 {
                    address-range low 192.168.1.2 high 192.168.1.254;
                }
                propagate-settings ge-0/0/0.0;
            }
        }
        syslog {
            archive size 100k files 3;      
            user * {
                any emergency;
            }
            file messages {
                any critical;
                authorization info;
            }
            file interactive-commands {
                interactive-commands error;
            }
        }
        max-configurations-on-flash 5;
        max-configuration-rollbacks 5;
        license {
            autoupdate {
                url https://ae1.juniper.net/junos/key_retrieval;
            }
        }
        ## Warning: missing mandatory statement(s): 'root-authentication'
    }
    interfaces {
        ge-0/0/0 {
            unit 0;                         
        }
        ge-0/0/1 {
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust;
                    }
                }
            }
        }
        ge-0/0/2 {
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust;
                    }
                }
            }
        }
        ge-0/0/3 {
            unit 0 {
                family ethernet-switching {
                    vlan {                  
                        members vlan-trust;
                    }
                }
            }
        }
        ge-0/0/4 {
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust;
                    }
                }
            }
        }
        ge-0/0/5 {
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust;
                    }
                }
            }
        }                                   
        ge-0/0/6 {
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust;
                    }
                }
            }
        }
        ge-0/0/7 {
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust;
                    }
                }
            }
        }
        ge-0/0/8 {
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust; 
                    }
                }
            }
        }
        ge-0/0/9 {
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust;
                    }
                }
            }
        }
        ge-0/0/10 {
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust;
                    }
                }
            }
        }
        ge-0/0/11 {                         
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust;
                    }
                }
            }
        }
        ge-0/0/12 {
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust;
                    }
                }
            }
        }
        ge-0/0/13 {
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust;
                    }                       
                }
            }
        }
        ge-0/0/14 {
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust;
                    }
                }
            }
        }
        ge-0/0/15 {
            unit 0 {
                family ethernet-switching {
                    vlan {
                        members vlan-trust;
                    }
                }
            }
        }
        vlan {
            unit 0 {                        
                family inet {
                    address 192.168.1.1/24;
                }
            }
        }
    }
    protocols {
        stp;
    }
    security {
        screen {
            ids-option untrust-screen {
                icmp {
                    ping-death;
                }
                ip {
                    source-route-option;
                    tear-drop;
                }
                tcp {
                    syn-flood {
                        alarm-threshold 1024;
                        attack-threshold 200;
                        source-threshold 1024;
                        destination-threshold 2048;
                        timeout 20;
                    }
                    land;
                }
            }
        }
        nat {
            source {
                rule-set trust-to-untrust {
                    from zone trust;
                    to zone untrust;
                    rule source-nat-rule {
                        match {
                            source-address 0.0.0.0/0;
                        }
                        then {
                            source-nat {
                                interface;
                            }
                        }
                    }                       
                }
            }
        }
        policies {
            from-zone trust to-zone untrust {
                policy trust-to-untrust {
                    match {
                        source-address any;
                        destination-address any;
                        application any;
                    }
                    then {
                        permit;
                    }
                }
            }
        }
        zones {
            security-zone trust {
                host-inbound-traffic {
                    system-services {
                        all;
                    }                       
                    protocols {
                        all;
                    }
                }
                interfaces {
                    vlan.0;
                }
            }
            security-zone untrust {
                screen untrust-screen;
                interfaces {
                    ge-0/0/0.0 {
                        host-inbound-traffic {
                            system-services {
                                dhcp;
                                tftp;
                            }
                        }
                    }
                }
            }
        }
    }                                       
    poe {
        interface all;
    }
    vlans {
        vlan-trust {
            vlan-id 3;
            l3-interface vlan.0;
        }
    }
    
    [edit]
    

    Published: 2015-03-24