Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Step 7: Perform the Initial Software Configuration

This procedure connects the firewall to the network but does not enable it to forward traffic. For complete information about enabling the firewall to forward traffic, including examples, see the appropriate Junos operating system (Junos OS) configuration guides at

To configure the software:

Enter Configuration Mode

  1. If you have not already done so, switch the circuit breaker or toggle switch for each power supply to the ON position to start the device. The OK LED on the power supply faceplate should blink, and then light steadily.
  2. Log in as the root user. There is no password.
  3. Start the CLI.
  4. Enter configuration mode.

Configure User Accounts and Passwords

  1. Set the root authentication password by entering a cleartext password, an encrypted password, or an SSH public key string (DSA or RSA).
  2. Configure an administrator account on the device. When prompted, enter the password for the administrator account.
  3. Commit the configuration to activate it on the firewall.

Configure System Attributes

  1. Log in as the administrative user that you configured earlier.
  2. Configure the name of the firewall. If the name includes spaces, enclose the name in quotation marks (“ ”).
  3. Configure the IP address and prefix length for the firewall Ethernet interface.
  4. Configure the traffic interface.
  5. Configure the default route.
  6. Configure basic security zones and bind them to traffic interfaces.
  7. Configure basic security policies.

Commit the Configuration

  1. Check the configuration for validity.
  2. Optionally, display the configuration to verify that it is correct.
  3. Commit the configuration to activate it on the firewall.
  4. Optionally, configure additional properties by adding the necessary configuration statements. Then commit the changes to activate them on the firewall.
  5. When you have finished configuring the firewall, exit configuration mode.