본문 바로가기
  • Vetheuil in Summer
Tech/FIREWALL IPS

Juniper SRX Firewall

by 눈꽃산행 2019. 2. 13.

JunOS

 

 

* Config mode

show | compare : 설정값 확인

commit check : 설정값 검증

commit : 설정전송(저장)


* Control 포트를 통한 장비접속

start shell user root

rlogin -Jk -T node1

==> shell 접속

cli

 

* User 생성

set system login user ????? class super-user-local authentication plain-text-password

New password:
Retype new password:

 

* HW OFF

request system halt
request system reboot

 

* HW 정보
show chassis hardware
show chassis environment

 

* HW 점검

show system alarms

show bridge mac-table

show chassis fpc pic-status

show chassis fpc

op srx-monitor (shell로 만듬)

show security flow session node 0

show interfaces terse

show chassis cluster status

show security policies hit-count

monitor interface traffic

show log jsrpd | last
show log messages | last

show security policies hit-count

file list /var/tmp/

 

* Session 삭제

clear security flow session source-prefix 192.168.100.1/32  

 

 

* File 관리

start shell user root

cd /var/tmp  --> img file & log

request system storag  --> tmp 삭제

==============파일압축==================

file archive compress source /var/log/ destination /var/tmp/node0.log

 

* 수동 Fail-Over ( S.W 절체시 group 1 만 절체 )

group 0 --> RE
group 1 --> Interface

  node 0 --> node 1

request chassis cluster failover redundancy-group 0 node 1
request chassis cluster failover redundancy-group 1 node 1

request chassis cluster failover reset redundancy-group 0
request chassis cluster failover reset redundancy-group 1

 

* SNMP Oid 확인

show snmp mib get-next jnxJsSPUMonitoringCPUUsage  
jnxJsSPUMonitoringCPUUsage.12 = 0

 

show snmp mib get-next jnxJsSPUMonitoringCPUUsage | display xml 


show snmp mib get-next jnxJsSPUMonitoringMemoryUsage
jnxJsSPUMonitoringMemoryUsage.12 = 12

show snmp mib get-next jnxJsSPUMonitoringMemoryUsage | display xml

            <oid>1.3.6.1.4.1.2636.3.39.1.12.1.1.1.5.12</oid>


show snmp mib get-next jnxJsSPUMonitoringCurrentFlowSession   
jnxJsSPUMonitoringCurrentFlowSession.12 = 0
show snmp mib get-next jnxJsSPUMonitoringCurrentFlowSession | display xml

            <oid>1.3.6.1.4.1.2636.3.39.1.12.1.1.1.6.12</oid>

저작자표시

'Tech > FIREWALL IPS' 카테고리의 다른 글

Explore Junos OS configuration statements and commands  (0) 2019.02.15
SRX JunOS Encryption User Password Type  (0) 2019.02.15

관련글

티스토리툴바