Skip to main content

SRX Bgp default route

BGP with default route

root# show | display set     
set version 15.1X49-D70.3
set system root-authentication 
set system name-server 8.8.8.8
set system name-server 8.8.4.4
set system services ssh root-login allow
set system services ssh protocol-version v2
set system services telnet
set system services xnm-clear-text
set system services netconf ssh
set system services dhcp-local-server group jdhcp-group interface irb.0
set system services web-management http
set system services web-management https system-generated-certificate
set system syslog archive size 100k
set system syslog archive files 3
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system max-configurations-on-flash 5
set system max-configuration-rollbacks 5
set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
set security screen ids-option untrust-screen icmp ping-death
set security screen ids-option untrust-screen ip source-route-option
set security screen ids-option untrust-screen ip tear-drop
set security screen ids-option untrust-screen tcp syn-flood alarm-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood attack-threshold 200
set security screen ids-option untrust-screen tcp syn-flood source-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood destination-threshold 2048
set security screen ids-option untrust-screen tcp syn-flood timeout 20
set security screen ids-option untrust-screen tcp land
set security nat source rule-set trust-to-untrust from zone trust
set security nat source rule-set trust-to-untrust to zone untrust
set security nat source rule-set trust-to-untrust rule source-nat-rule match source-address 0.0.0.0/0
set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface
set security policies from-zone trust to-zone trust policy trust-to-trust match source-address any
set security policies from-zone trust to-zone trust policy trust-to-trust match destination-address any
set security policies from-zone trust to-zone trust policy trust-to-trust match application any
set security policies from-zone trust to-zone trust policy trust-to-trust then permit
set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit
set security zones security-zone trust host-inbound-traffic system-services all
set security zones security-zone trust host-inbound-traffic protocols all
set security zones security-zone trust interfaces irb.0 host-inbound-traffic system-services ping
set security zones security-zone untrust screen untrust-screen
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services dhcp
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services tftp
set security zones security-zone untrust interfaces ge-0/0/7.0 host-inbound-traffic system-services ssh
set security zones security-zone untrust interfaces ge-0/0/7.0 host-inbound-traffic system-services http
set security zones security-zone untrust interfaces ge-0/0/7.0 host-inbound-traffic system-services https
set security zones security-zone untrust interfaces ge-0/0/7.0 host-inbound-traffic system-services ping
set interfaces ge-0/0/0 unit 0 family inet
set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/2 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/3 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/4 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/5 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/6 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces ge-0/0/7 unit 0 family inet address 13.13.13.245/31
set interfaces irb unit 0 family inet address 12.12.12.1/24
set routing-options static route 0.0.0.0/0 next-hop 13.13.13.244
set routing-options autonomous-system 313131
set protocols bgp traceoptions file bgp-log
set protocols bgp traceoptions file size 1024768
set protocols bgp traceoptions file files 10
set protocols bgp traceoptions flag all
set protocols bgp group SOME_ISP type external
set protocols bgp group SOME_ISP log-updown
set protocols bgp group SOME_ISP export AN_some_customer
set protocols bgp group SOME_ISP peer-as 12213
set protocols bgp group SOME_ISP neighbor 13.13.13.244 local-address 13.13.13.245
set protocols l2-learning global-mode switching
set policy-options policy-statement AN_some_customer term 1 from route-filter 12.12.12.0/24 exact
set policy-options policy-statement AN_some_customer term 1 then accept
set access address-assignment pool junosDHCPPool family inet network 192.168.1.0/24
set access address-assignment pool junosDHCPPool family inet range junosRange low 192.168.1.2
set access address-assignment pool junosDHCPPool family inet range junosRange high 192.168.1.254
set access address-assignment pool junosDHCPPool family inet dhcp-attributes router 192.168.1.1
set access address-assignment pool junosDHCPPool family inet dhcp-attributes propagate-settings ge-0/0/0.0
set vlans vlan-trust vlan-id 3
set vlans vlan-trust l3-interface irb.0
No Comments
Back to top