Changes

Jump to: navigation, search

Router - Juniper SRX

1,612 bytes added, 18:09, 29 March 2015
Added IPv6
|}
 
== IPv4Dual-onlystack Example Config ==
 
* Statically configured IPv4 and IPv6 for a single AAISP line
* Trust VLAN on Ethernet Port 0-6
* PPPoE configured on Ethernet Port 7
 
<source>
## Last changed: 2015-03-29 17:42:36 BST
version 12.1X46-D30.2;
system {
host-name dsl-router;
url https://ae1.juniper.net/junos/key_retrieval;
}
stp;}
ntp {
server 90.155.53.94;
server 90.155.53.93;
}
}
}
}
pp0lo0 {
traceoptionsunit 0 {
flagfamily all;inet6 {
address 2001:8b0:XXXX::1/128;
}
}
}
pp0 {
unit 0 {
description AAISP;
mtu 1492;
negotiate-address;
}
family inet6 {
mtu 1492;
}
}
family inet {
address 192.168.1.1/24;
}
family inet6 {
address 2001:8b0:XXXX:3::1/64;
}
}
}
routing-options {
rib inet6.0 {
static {
route 0.0.0.0/0 next-hop pp0.0;static {
} route 0::0/0 next-hop pp0.0;
}
}
static {
route 0.0.0.0/0 next-hop pp0.0;
}
}
protocols {
router-advertisement {
stp;
interface vlan.3 {
prefix 2001:8b0:XXXX:3::/64;
}
}
}
security {
forwarding-options {
family {
inet6 {
mode flow-based;
}
}
}
screen {
ids-option untrust-screen {
}
}
}
from-zone untrust to-zone trust {
policy ping6-to-trust {
match {
source-address any-ipv6;
destination-address any-ipv6;
application junos-pingv6;
}
then {
static { permit;
}
}
policy reject-untrust-to-trust {
match {
source-address any;
destination-address any;
application any;
}
then {
reject;
}
}
}
default-policy {
deny-all;
}
}
interfaces {
vlan.3;
lo0.0;
}
}
security-zone untrust {
screen untrust-screen;
host-inbound-traffic {
system-services {
ping;
}
}
interfaces {
pp0.0;
55
edits

Navigation menu