
- •Contents
- •Course Overview
- •Course Agenda
- •Document Conventions
- •Additional Information
- •The Junos CLI (Detailed)
- •Overview
- •Part 1: Logging In and Exploring the CLI
- •Step 1.1
- •Step 1.2
- •Step 1.3
- •Step 1.4
- •Step 1.5
- •Step 1.6
- •Step 1.7
- •Step 1.8
- •Step 1.9
- •Step 1.10
- •Step 1.11
- •Step 1.12
- •Step 1.13
- •Step 1.14
- •Step 1.15
- •Step 1.16
- •Step 1.17
- •Step 1.18
- •Step 1.19
- •Initial System Configuration (Detailed)
- •Overview
- •Part 1: Loading a Factory-Default Configuration and Performing Initial Configuration
- •Step 1.1
- •Step 1.2
- •Step 1.3
- •Step 1.4
- •Step 1.5
- •Step 1.6
- •Step 1.7
- •Step 1.8
- •Step 1.9
- •Step 1.10
- •Step 1.11
- •Step 1.12
- •Step 1.13
- •Step 1.14
- •Step 1.15
- •Step 1.16
- •Part 2: Saving, Displaying, Loading, and Deleting a Rescue Configuration
- •Step 2.1
- •Step 2.2
- •Step 2.3
- •Step 2.4
- •Step 2.5
- •Step 2.6
- •Step 2.7
- •Step 2.8
- •Step 2.9
- •Part 3: Configuring Interfaces and Verifying Operational State
- •Step 3.1
- •Step 3.2
- •Step 3.3
- •Step 3.4
- •Secondary System Configuration (Detailed)
- •Overview
- •Part 1: Configuring User Authentication
- •Step 1.1
- •Step 1.2
- •Step 1.3
- •Step 1.4
- •Step 1.5
- •Step 1.6
- •Step 1.7
- •Step 1.8
- •Step 1.9
- •Step 1.10
- •Step 1.11
- •Step 1.12
- •Step 1.13
- •Step 1.14
- •Step 1.15
- •Step 1.16
- •Step 1.17
- •Step 1.18
- •Step 1.19
- •Part 2: Performing System Management Options
- •Step 2.1
- •Step 2.2
- •Step 2.3
- •Step 2.4
- •Step 2.5
- •Step 2.6
- •Step 2.7
- •Step 2.8
- •Step 2.9
- •Step 2.10
- •Step 2.11
- •Step 2.12
- •Step 2.13
- •Step 2.14
- •Step 2.15
- •Step 2.16
- •Step 2.17
- •Step 2.18
- •Operational Monitoring and Maintenance (Detailed)
- •Overview
- •Part 1: Monitoring System and Chassis Operation
- •Step 1.1
- •Step 1.2
- •Step 1.3
- •Step 1.4
- •Step 1.5
- •Step 1.6
- •Step 1.7
- •Step 1.8
- •Step 1.9
- •Step 1.10
- •Step 1.11
- •Step 1.12
- •Step 1.13
- •Step 1.14
- •Step 1.15
- •Step 1.16
- •Part 2: Using Network Utilities and Monitoring Traffic
- •Step 2.1
- •Step 2.2
- •Step 2.3
- •Step 2.4
- •Step 2.5
- •Step 2.6
- •Part 3: Upgrading the Junos OS
- •Step 3.1
- •Step 3.2
- •Step 3.3
- •Step 3.4
- •Step 3.5
- •Part 4: Recovering the Root Password
- •Step 4.1
- •Step 4.2
- •Step 4.3
- •Step 4.4
- •Step 4.5
- •Step 4.6
- •Step 4.7
- •Step 4.8
- •Lab 5 (Optional)
- •The J-Web Interface (Detailed)
- •Overview
- •Part 1: Logging In to and Exploring the J-Web Interface
- •Step 1.1
- •Step 1.2
- •Step 1.3
- •Step 1.4
- •Step 1.5
- •Step 1.6
- •Step 1.7
- •Step 1.8
- •Step 1.9
- •Part 2: Exploring J-Web Configuration and Diagnostic Capabilities
- •Step 2.1
- •Step 2.2
- •Step 2.3
- •Step 2.4
- •Step 2.5
- •Step 2.6
- •Step 2.7
- •Step 2.8
- •Step 2.9
- •Appendix A: Lab Diagrams

Introduction to the Junos Operating System
Part 1: Loading a Factory-Default Configuration and Performing Initial Configuration
In this lab part, you will load the factory-default configuration and perform initial configuration tasks using the Junos CLI.
Step 1.1
Ensure that you know to which student device you have been assigned. Check with your instructor if you are not certain. Consult the management network diagram to determine the management address of your student device
Question: What is the management address assigned to your station?
Answer: The answer varies; in the example used throughout this lab, the user belongs to the srxA-1 station, which uses an IP address of 10.210.14.131. Your answer will depend on the rack of equipment your class is using.
Step 1.2
Access the CLI at your station using the console connection.
Note
During this lab, your access through the management network will be affected. Ensure that you use the console connection to access your assigned station. Using the console connection ensures persistent connectivity even when the management network access is unavailable. If needed, ask your instructor how to connect to your system using the console port.
Lab 2–2 • Initial System Configuration (Detailed) |
www.juniper.net |

Introduction to the Junos Operating System
Step 1.3
Log in to the student device with the username lab using a password of lab123. Note that both the name and password are case-sensitive. Enter configuration mode and load a factory-default configuration using the load factory-default command.
srxA-1 (ttyp0)
login: lab Password:
--- JUNOS 12.1R1.9 built 2012-03-24 12:12:49 UTC lab@srxA-1> configure
Entering configuration mode
[edit]
lab@srxA-1# load factory-default
warning: activating factory configuration
Step 1.4
Display the factory-default configuration.
[edit] lab@srxA-1# show
## Last changed: 2012-04-17 23:59:34 UTC system {
autoinstallation {
delete-upon-commit; ## Deletes [system autoinstallation] upon change/
commit
traceoptions { level verbose; flag {
all;
}
}
interfaces { ge-0/0/0 {
bootp;
}
}
}
name-server { 208.67.222.222; 208.67.220.220;
}
services { ssh; telnet;
xnm-clear-text; web-management { http {
interface vlan.0;
}
https { system-generated-certificate;
www.juniper.net |
Initial System Configuration (Detailed) • Lab 2–3 |

Introduction to the Junos Operating System
interface vlan.0;
}
}
dhcp { router {
192.168.1.1;
}
pool 192.168.1.0/24 {
address-range low 192.168.1.2 high 192.168.1.254;
}
propagate-settings ge-0/0/0.0;
}
}
syslog {
archive size 100k files 3; user * {
any emergency;
}
file messages { any critical;
authorization info;
}
file interactive-commands { interactive-commands error;
}
}
max-configurations-on-flash 5;
##
##Warning: statement ignored: unsupported platform (srx240h)
max-configuration-rollbacks 5; license {
autoupdate {
url https://ae1.juniper.net/junos/key_retrieval;
}
}
##Warning: missing mandatory statement(s): 'root-authentication'
}
interfaces { ge-0/0/0 {
unit 0;
}
ge-0/0/1 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
}
}
}
}
ge-0/0/2 { unit 0 {
family ethernet-switching { vlan {
Lab 2–4 • Initial System Configuration (Detailed) |
www.juniper.net |

Introduction to the Junos Operating System
members vlan-trust;
}
}
}
}
ge-0/0/3 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
}
}
}
}
ge-0/0/4 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
}
}
}
}
ge-0/0/5 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
}
}
}
}
ge-0/0/6 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
}
}
}
}
ge-0/0/7 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
}
}
}
}
ge-0/0/8 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
www.juniper.net |
Initial System Configuration (Detailed) • Lab 2–5 |

Introduction to the Junos Operating System
}
}
}
}
ge-0/0/9 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
}
}
}
}
ge-0/0/10 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
}
}
}
}
ge-0/0/11 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
}
}
}
}
ge-0/0/12 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
}
}
}
}
ge-0/0/13 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
}
}
}
}
ge-0/0/14 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
}
Lab 2–6 • Initial System Configuration (Detailed) |
www.juniper.net |

Introduction to the Junos Operating System
}
}
}
ge-0/0/15 { unit 0 {
family ethernet-switching { vlan {
members vlan-trust;
}
}
}
}
vlan {
unit 0 {
family inet {
address 192.168.1.1/24;
}
}
}
}
protocols { stp;
}
security { screen {
ids-option untrust-screen { icmp {
ping-death;
}
ip {
source-route-option; tear-drop;
}
tcp {
syn-flood { alarm-threshold 1024; attack-threshold 200; source-threshold 1024;
destination-threshold 2048; timeout 20;
}
land;
}
}
}
nat {
source {
rule-set trust-to-untrust { from zone trust;
to zone untrust;
rule source-nat-rule { match {
source-address 0.0.0.0/0;
}
then {
www.juniper.net |
Initial System Configuration (Detailed) • Lab 2–7 |

Introduction to the Junos Operating System
source-nat { interface;
}
}
}
}
}
}
policies {
from-zone trust to-zone untrust { policy trust-to-untrust {
match {
source-address any; destination-address any; application any;
}
then { permit;
}
}
}
}
zones {
security-zone trust { host-inbound-traffic {
system-services { all;
}
protocols { all;
}
}
interfaces { vlan.0;
}
}
security-zone untrust { screen untrust-screen; interfaces {
ge-0/0/0.0 { host-inbound-traffic {
system-services { dhcp;
tftp;
}
}
}
}
}
}
}
vlans { vlan-trust {
vlan-id 3; l3-interface vlan.0;
Lab 2–8 • Initial System Configuration (Detailed) |
www.juniper.net |