Consider the configuration below.
I want to configure the second port to be on the 10.132.24.0/24 subnet using 10.132.24.1 IP. I then want to plug a switch into that port and have all connected devices be on that subnet. Can anyone help me achieve this?
Code:
version 10.4R7.5;
system {
host-name SRX_1600Prvd;
time-zone America/Chicago;
root-authentication {
encrypted-password "$"; ## SECRET-DATA
}
name-server {
208.67.222.222;
208.67.220.220;
}
login {
user admin {
uid 1000;
class super-user;
authentication {
encrypted-password "$/"; ## SECRET-DATA
}
}
}
services {
ssh;
telnet;
xnm-clear-text;
web-management {
http {
interface [ vlan.0 ge-0/0/15.0 ge-0/0/0.0 ];
}
https {
system-generated-certificate;
interface [ vlan.0 ge-0/0/0.0 ge-0/0/15.0 ];
}
}
}
syslog {
archive size 100k files 3;
user * {
any emergency;
}
file messages {
any critical;
authorization info;
}
file interactive-commands {
interactive-commands error;
}
}
max-configurations-on-flash 5;
max-configuration-rollbacks 5;
license {
autoupdate {
url https://ae1.juniper.net/junos/key_retrieval;
}
}
}
interfaces {
ge-0/0/0 {
per-unit-scheduler;
speed 100m;
link-mode full-duplex;
unit 0 {
description "TW WAN";
family inet {
filter {
output choose-vc;
}
address 192.168.99.1/24;
}
}
}
ge-0/0/1 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}?
}
}
ge-0/0/2 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/3 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/4 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/5 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
ge-0/0/5 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/6 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/7 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/8 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/9 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/10 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/11 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/12 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/13 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/14 {
unit 0 {
family ethernet-switching {
vlan {
members vlan-trust;
}
}
}
}
ge-0/0/15 {
unit 0 {
family inet {
address 192.168.100.1/24;
}
}
}
vlan {
unit 0 {
family inet {
address 192.168.1.1/24;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 192.168.100.2;
route 10.133.1.0/24 next-hop 192.168.100.2;
route 10.132.1.0/24 next-hop 192.168.100.2;
}
router-id 192.168.100.1;
}
protocols {
ospf {
export ospf-redistribute;
area 0.0.0.0 {
interface ge-0/0/0.0 {
priority 250;
}
interface ge-0/0/15.0;
}
}
stp;
}
policy-options {
policy-statement ospf-redistribute {
term static {
from protocol static;
then accept;
}
}
}
class-of-service {
classifiers {
dscp Avaya {
forwarding-class expedited-forwarding {
loss-priority low code-points ef;
}
}
}
drop-profiles {
All-BE {
interpolate {
fill-level 90;
drop-probability 100;
}
}
}
virtual-channels {
DrTO_VC;
McGr_VC;
WHC_VC;
default_VC;
BelHill_VC;
BelMd_VC;
Elm_VC;
MLKCC_VC;
MyCCC_VC;
MCC_VC;
WstWaco_VC;
NLCDC_VC;
}
virtual-channel-groups {
WAN_VC_GRP {
DrTO_VC {
scheduler-map TW_WAN;
shaping-rate 10m;
}
WHC_VC {
scheduler-map TW_WAN;
shaping-rate 5m;
}
McGr_VC {
scheduler-map TW_WAN;
shaping-rate 10m;
}
default_VC {
scheduler-map TW_WAN;
default;
}
BelHill_VC {
scheduler-map TW_WAN;
shaping-rate 5m;
}
BelMd_VC {
scheduler-map TW_WAN;
shaping-rate 5m;
}
Elm_VC {
scheduler-map TW_WAN;
shaping-rate 5m;
}
MLKCC_VC {
scheduler-map TW_WAN;
shaping-rate 5m;
}
MyCCC_VC {
scheduler-map TW_WAN;
shaping-rate 5m;
}
NLCDC_VC {
scheduler-map TW_WAN;
shaping-rate 5m;
}
MCC_VC {
scheduler-map TW_WAN;
shaping-rate 5m;
}
WstWaco_VC {
scheduler-map TW_WAN;
shaping-rate 5m;
}
}
}
forwarding-classes {
queue 1 expedited-forwarding;
queue 0 best-effort;
}
interfaces {
ge-0/0/0 {
unit * {
scheduler-map TW_WAN;
}
unit 0 {
virtual-channel-group WAN_VC_GRP;
}
}
ge-0/0/15 {
unit * {
classifiers {
dscp Avaya;
}
}
}
}
scheduler-maps {
TW_WAN {
forwarding-class best-effort scheduler non-VoIP;
forwarding-class expedited-forwarding scheduler Avaya-Voice;
}
}
schedulers {
Avaya-Voice {
transmit-rate percent 15;
shaping-rate 15m;
buffer-size percent 20;
priority high;
}
non-VoIP {
transmit-rate remainder;
buffer-size remainder;
priority low;
drop-profile-map loss-priority low protocol any drop-profile All-BE;
}
}
}
security {
nat {
source {
rule-set trust-to-untrust {
from zone trust;
to zone untrust;
rule source-nat-rule {
match {
source-address 0.0.0.0/0;
}
then {
source-nat {
interface;
}
}
}
}
}
}
screen {
ids-option untrust-screen {
icmp {
ping-death;
}
ip {
source-route-option;
tear-drop;
}
tcp {
syn-flood {
alarm-threshold 1024;
attack-threshold 200;
source-threshold 1024;
destination-threshold 2048;
timeout 20;
}
land;
}
}
}
zones {
security-zone trust {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
interfaces {
vlan.0;
ge-0/0/15.0 {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
}
ge-0/0/0.0 {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
}
}
}
security-zone untrust {
screen untrust-screen;
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
}
}
policies {
from-zone trust to-zone untrust {
policy trust-to-untrust {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
from-zone trust to-zone trust {
policy intra_traffic {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
}
}
firewall {
family inet {
filter choose-vc {
term DrTO {
from {
destination-address {
10.133.10.0/24;
}
}
then {
log;
virtual-channel DrTO_VC;
accept;
}
}
term WHC {
from {
destination-address {
10.133.12.0/24;
}
}
then {
virtual-channel WHC_VC;
accept;
}
}
term McGr {
from {
destination-address {
10.133.14.0/24;
}
}
then {
virtual-channel McGr_VC;
accept;
}
}
term default {
then accept;
}
term BelHill {
from {
destination-address {
10.133.21.0/24;
}
}
then {
virtual-channel BelHill_VC;
accept;
}
}
term BelMd {
from {
destination-address {
10.133.16.0/24;
}
}
then {
virtual-channel BelMd_VC;
accept;
}
}
term Elm {
from {
destination-address {
10.133.17.0/24;
}
}
then {
virtual-channel Elm_VC;
accept;
}
}
term MCC {
from {
destination-address {
10.133.19.0/24;
}
}
then {
virtual-channel MCC_VC;
accept;
}
}
term MLK {
from {
destination-address {
10.133.20.0/24;
}
}
then {
virtual-channel MLKCC_VC;
accept;
}
}
term MyCCC {
from {
destination-address {
10.133.13.0/24;
}
}
then {
virtual-channel MyCCC_VC;
accept;
}
}
term NLCDC {
from {
destination-address {
10.133.22.0/24;
}
}
then {
virtual-channel NLCDC_VC;
accept;
}
}
term WstWaco {
from {
destination-address {
10.133.15.0/24;
}
}
then {
virtual-channel WstWaco_VC;
accept;
}
}
}
}
}
vlans {
vlan-trust {
vlan-id 3;
l3-interface vlan.0;
}
}
Register
Search 
Login
