Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configuring Junos OS on the SRX4100

SRX4100 Firewall Software Configuration Overview

The services gateway is shipped with Junos OS preinstalled and ready to be configured when the services gateway is powered on. If you are setting up the services gateway for the first time, use the CLI to perform the initial configuration.

SRX4100 Firewall Factory-Default Settings

Your services gateway comes configured with a factory-default configuration.

Table 1 and Table 2 lists the factory-default settings.

Table 1: Factory-Default Settings - Interfaces

Interface

IP Address

fxp0

192.168.1.1/24

Table 2: Factory-Default Settings - Services

Services

SSH

HTTPS

NETCONF over SSH

Viewing Factory-Default Settings

To view the factory-default settings on your services gateway:

  1. Log in as the root user and provide your credentials.
  2. View the list of default configuration files:

  3. View the required default configuration file.

When you commit changes to the configuration, a new configuration file is created, which becomes the active configuration. If the current active configuration fails, you can use the load factory-default command to revert to the factory-default configuration.

Configuring the SRX4100 Services Gateway

Note:

Before you can use J-Web to configure your services gateway, you must access the CLI to configure the root authentication.

This procedure explains how you can create an initial configuration using CLI commands to connect the services gateway to the network.

  1. Connect the RJ-45 end of the DB9-to-RJ-45 cable into the CONSOLE port on your services gateway.
  2. Connect the other end of the cable to the serial port on the management device.
  3. Log in to the services gateway as root. When the services gateway is powered on with the factory-default configuration, you do not need to enter a password.
  4. At the (%) prompt, type cli to start the CLI and press Enter. The prompt changes to an angle bracket (>) when you enter CLI operational mode.
  5. At the (>) prompt, type configure and press Enter. The prompt changes from > to # when you enter configuration mode.
  6. Set the root authentication password by entering a cleartext password, an encrypted password, or an SSH public key string (DSA or RSA).
  7. Configure the route for the management interface (optional, required only if you do not connect the MGMT port directly to the management device).
  8. Commit the configuration to activate it on the services gateway.
  9. Connect the MGMT port on the device to the Ethernet port on the management device using an RJ-45 cable.
  10. Configure an IP address on the 192.168.1.0/24 subnetwork for the management device. By default, the management interface is configured with the 192.168.1.1/24 IP address. If you need to change the IP address, perform the following steps or else proceed to 11.
    1. Delete the default management interface IP address:

    2. Configure a new IP address for the management interface:

    3. Commit the configuration changes.

    4. Configure an IP address for the management device. Ensure that the IP address is on the same subnetwork as the management interface (fxp0).

  11. Launch a Web browser from the management device and access the services gateway using the URL https://192.168.1.1.

    If you changed the management interface IP address in Step 10, then use the URL https://<management IP address> to access the services gateway.

    Note:

    As the system-generated certificate is not trusted by default, an alert is displayed. You can ignore this alert and proceed to access the services gateway.

    The J-Web login page is displayed. This indicates that you have successfully completed the initial configuration and that your services gateway is ready for use.

    Note:

    To access the J-Web interface, your management device requires one of the following supported browsers:

    • Microsoft Internet Explorer version 9.0 or 10.0

    • Mozilla Firefox version 38 (or later)

  12. Log in as root and proceed with configuring the settings based on your requirements.