Performing Initial Software Configuration on SRX100 Services Gateway Using CLI

9. Configure basic security policies

[edit]
admin@#set security policies from-zone trust to-zone untrust policy <policy-name> match source-address any destination-address any application any
admin@#set security policies from-zone trust to-zone untrust policy <policy-name> then permit

Example:

[edit]
admin@#set security policies from-zone trust to-zone untrust policy <policy1> match source-address any destination-address any application any
admin@#set security policies from-zone trust to-zone untrust policy <policy1> then permit

10. Create a NAT rule for source translation of all Internet bound traffic.

[edit]
admin@#set security nat source rule-set <rulesetname> from zone trust
admin@#set security nat source rule-set <rulesetname> to zone untrust
admin@#set security nat source rule-set <rulesetname> rule <rulename> match source-address <source-add> destination-address <dest-add>
admin@#set security nat source rule-set <rulesetname> rule <rulename> then source-nat interface

[edit]
admin@#set security nat source rule-set interface-nat from zone trust
admin@#set security nat source rule-set interface-nat to zone untrust
admin@#set security nat source rule-set interface-nat rule rule1 match source-address 0.0.0.0/0 destination-address 0.0.0.0/0
admin@#set security nat source rule-set interface-nat rule rule1 then source-nat interface

11. Enable remote access services telnet and ssh

[edit]
admin@#set system services ssh

[edit]
admin@#set system services telnet

The sample show output is shown below

12. Check the configuration for validity.

[edit]
admin@#commit check

configuration check succeeds

Commit the configuration to activate it on the device.

[edit]
admin@#commit
commit complete

Home
Resources
Privacy Policy
Contact us
Disclaimer
Sitemap