Technical Documentation

Configuring the Software

The installation procedure connects the device to the network but does not enable it to forward traffic.

To configure the software:

Note: Make sure NVMRO is clear for the configuration changes to be saved permanently. If not, the changes are lost on reboot.

  1. Verify that the device is powered on.
  2. Log in as the root user.
  3. Start the CLI.
    root# cliroot@>
  4. Enter configuration mode.
    configure [edit]root@#
  5. Set the root authentication password by entering a cleartext password, or an encrypted password, or an SSH public key string (DSA or RSA).
    [edit]root@# set system root-authentication plain-text-passwordNew password password Retype new password password
  6. Configure an administrator account on the device.
    [edit]root@# set system login user admin class super-user authentication plain-text-password
  7. Configure the password for the administrator account.
    [edit]root@# set system root-authentication plain-text-password
  8. Commit the configuration to activate it on the device.
    [edit]root@# commit
  9. Log in as the administrator you configured in Step 6.
  10. Configure the name of the device. If the name includes spaces, enclose the name in double quotation marks (“ ”).
    configure [edit]admin@# set system host-name hostname
  11. Configure the IP address and prefix length for the device’s Ethernet interface. You can optionally use the location-based IP address Pools configuration. For further information, see Chapter 4, Location-Based IP Address Pools.
    [edit]admin@# set interfaces ge-0/0/0 unit 0 family inet address address/prefix-length
  12. Configure the traffic interfaces (ge-0/0/1–ge-0/0/7).
    [edit]admin@# set interfaces ge-0/0/1 unit 0 family inet address address/prefix-length admin@# set interfaces ge-0/0/5 unit 0 family inet address address/prefix-length
  13. Optionally, configure the default route.
    [edit]admin@# set routing-options static route 0.0.0.0/0 next-hop gateway
  14. Configure basic security zones and bind them to traffic interfaces.
    [edit]admin@# set security zones security-zone trust interfaces ge-0/0/5 admin@# set security zones security-zone untrust interfaces ge-0/0/0
  15. Configure basic security policies.
    [edit]admin@# set security policies from-zone trust to-zone untrust policy policy-name match source-address any destination-address any application any root@# set security policies from-zone trust to-zone untrust policy policy-name then permit
  16. Check the configuration for validity.
    [edit]admin@# commit checkconfiguration check succeeds
  17. Commit the configuration to activate it on the device.
    [edit]admin@# commitcommit complete
  18. Optionally, display the configuration to verify that it is correct.
    admin@# show
  19. When you have finished configuring the device, exit configuration mode.
    [edit]admin@host# exitadmin@host>

Related Topics


Published: 2010-06-14

Help
|
My Account
|
Log Out