Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configuring cSRX Using the Junos OS CLI

This section provides basic CLI configurations that can be used for configuring cSRX containers. For more details see, Introducing the Junos OS Command-Line Interface.

To configure the cSRX container using the Junos OS CLI:

  1. Launch the cSRX container. Use the docker run command to launch the cSRX container. You include the mgt_bridge management bridge to connect the cSRX to a network. If you intend to log into the cSRX container using SSH, you must specify an initial root password when launching the cSRX.

    root@csrx-ubuntu3:~/csrx# docker run -d --privileged --network=mgt_bridge -e CSRX_ROOT_PASSWORD=<password> --name=<csrx-container-name> hub.juniper.net/security/<csrx-image-name>

    For example, to launch csrx2 using cSRX software image csrx:18.21R1.9 and root password root123 enter:

    root@csrx-ubuntu3:~/csrx# docker run -d --privileged --network=mgt_bridge -e CSRX_ROOT_PASSWORD=root123 --name=csrx2 hub.juniper.net/security/csrx:18.2R1.9

    Note:

    You must include the --privileged flag in the docker run command to enable the cSRX container to run in privileged mode.

  2. Log in to the cSRX container using SSH which is accessed by cSRX exposed service port.
  3. Start the CLI as root user.
    Note:

    When a cSRX container is launched, if you specified to log into the cSRX container with an initial root password, access to the cSRX container using SSH will be enforced with user name and password.

  4. Verify the interfaces.

    root@> show interfaces

  5. Enter configuration mode.
  6. Set the root authentication password by entering a cleartext password, an encrypted password, or an SSH public key string (DSA or RSA).
  7. Configure the hostname.
  8. Configure the two traffic interfaces.
  9. Configure basic security zones for the public and private interfaces and bind them to traffic interfaces.
  10. Verify the configuration.
  11. Commit the configuration to activate it on the cSRX instance.
  12. (Optional) Use the show command to display the configuration for verification.