juniper 설정 방법
신규장비 전원연결시 "auto-image-upgrade"라고 뜨면 밑에 명령어 실행
delete chassis auto-image-upgrade
- CLI
- configure (config terminer 모드)
- set ( 저장 ) , delecte (삭제)
-------- root password 및 계정 추가 방법 ------------
1. root password 설정
set system root-authentication plain-text-password
2. 서브계정 추가 방법
set system login user womenpro class super-user ( 계정 생성 및 권한 설정 )
set system login user XXX authentication plain-text-password ( 계정 password 설정)
※ telnet 접근시 root 계정 접속 불가 ( 서브계정으로 접속가능 )
-------- hostname ------------
set system host-name XXX
ro
--------서비스 설정 방법 ------------
1. ssh
set system services ssh
2. telnet
set system services telnet
3.FTP
set system services ftp
------- 시간설정 및 NTP ------------
1.time-zone 설정
set system time-zone Asia/Seoul
2.시간 수동 설정
set date YYYYMMDDhhmm.ss
3.NTP server 설정
set system ntp server XXX.XXX.XXX.XXX
------- vlan 설정 방법 ----------------
1.2200,3200,3300,4550 모델
set vlans vlanXXX vlan-id XXX
set vlans vlanXXX l3-interface vlan.XXX
set interfaces vlan unit XXX family inet address XXX.XXX.XXX.XXX/XX
2.2300,3400,4300,9200 모델
set vlans vlanXXX vlan-id XXX
set vlans vlanXXX l3-interface irb.XXX
set interfaces irb unit XXX family inet address XXX.XXX.XXX.XXX/XX
-------- interface 설정 방법 mode 설정 ----------------
1. access
1) 2200,3200,3300,4550 모델
set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode access
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members vlanXXX
2) 2300,3400,4300,9200 모델
set interfaces ge-0/0/0 unit 0 family ethernet-switching interface-mode access
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members vlanXXX
2. trunk
1) 2200,3200,3300,4550 모델
set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode trunk
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members vlanXXX
2) 2300,3400,4300,9200 모델
set interfaces ge-0/0/0 unit 0 family ethernet-switching interface-mode trunk
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members vlanXXX
2. 듀얼모드
1) 2200,3200,3300,4550 모델
set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode trunk
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members vlanXXX ( IPT vlan )
set interfaces ge-0/0/0 unit 0 family ethernet-switching native-vlan-id XXX ( PC vlan )
2) 2300,3400,4300,9200 모델
set interfaces ge-0/0/0 unit 0 family ethernet-switching interface-mode trunk
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members vlanXXX ( IPT vlan )
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members vlanXXX ( PC vlan )
set interfaces ge-0/0/0 native-vlan-id XXX ( PC vlan )
-------- interface 설정 방법 port speed 설정 ----------------
1) 2200,3200,3300,4550 모델
set interfaces ge-0/0/0 ether-options speed 100m
set interfaces ge-0/0/0 ether-options link-mode full-duplex
set interfaces ge-0/0/0 ether-options no-auto-negotiation
2) 2300,3400,4300,9200 모델
set interfaces ge-0/0/0 speed 100m
set interfaces ge-0/0/0 link-mode full-duplex
set interfaces ge-0/0/0 ether-options no-auto-negotiation
3) interface range설정
set interfaces interface-range test01 member-range ge0/0/0 to ge0/0/10
set interfaces interface-range test01 unit 0 family ethernet-switching interface-mode access
set interfaces interface-range test01 unit 0 family ethernet-switching vlan members vlanXXX
-------- route 설정 ----------------
set routing-options static route 0.0.0.0/0 next-hop 105.20.5.1
set routing-options static route 0.0.0.0/0 qualified-next-hop 105.20.5.12 metric 10 ( secondry )
-------- pim 설정 ----------------
1) 2200,3200,3300,4550 모델
set protocols pim interface vlan.XXX mode dense
2) 2300,3400,4300,9200 모델
set protocols pim interface irb.XXX mode dense
-------- STP 설정 ----------------
1. RSTP
set protocols rstp bridge-priority XXX (priority 값)
set protocols rstp interface ge-0/0/0
2. VSTP
1) 2200,3200,3300,4550 모델
set protocols vstp vlan vlanXXX bridge-priority XXX (priority 값)
set protocols vstp vlan vlanXXX
2) 2300,3400,4300,9200 모델
set protocols vstp vlan XXX bridge-priority XXX (priority 값)
set protocols vstp vlan XXX
------- mirror port 설정 --------
set forwarding-options analyzer dd input ingress interface ge-
set forwarding-options analyzer wome input egress interface ge-0/0/15
set forwarding-options analyzer women output interface ge-0
------ POE 설정--------
set protocols lldp interface all
set protocols lldp-med interface all
set poe interface all
-----ACL 설정 ------------
set policy-options prefix-list Access_telnet XXX.XXX.XXX.XXX/XX
set firewall family inet filter SSH_Access term ssh_allow from source-prefix-list Access_telnet
set firewall family inet filter SSH_Access term ssh_allow from protocol tcp
set firewall family inet filter SSH_Access term ssh_allow from destination-port ssh
set firewall family inet filter SSH_Access term ssh_allow then accept
set firewall family inet filter SSH_Access term ssh_deny from protocol tcp
set firewall family inet filter SSH_Access term ssh_deny from destination-port ssh
set firewall family inet filter SSH_Access term ssh_deny then discard
set firewall family inet filter SSH_Access term all_permit then accept
------- 모니터링 명령어 -----------------
1. config 확인
1) show ( config all )
2) show configuration | display set ( set 명령어로 입력된 config 보기 )
show | display set (ex2300)
3) show configuration | display set | match XXX ( set 명령어로 입력된 config 에서 XXX 단어 찾기 )
2. interface 상태 확인
show interfaces terse
run show interfaces terse (ex 2300)
3. mac 테이블 확인
show ethernet-switching table
4. arp 테이블 확인
show arp no-resolve
5. 인터페이스 트래픽 확인
monitor interface traffic
6. 시간 확인
show system uptime
7. hardware 상태 확인
show chassis routing-engine 장비 cpu/memory 사용률
show chassis fpc
8. log 확인
show log messages ( 전체 로그 )
show log messages | last 100 ( 마지막 log 부터 100줄 검색 )
9. vlan 정보
show vlan
=================================================
초기화
request system zeroize
user@switch# load factory default
root password 설정(1)
user@switch# delete system commit
user@switch# commit
-----------------------------------------------------------------------------------
(1) root password 설정
user@switch# set system root-authentication plain-text-password <엔터>
New password: XXXXXX
Retype new password: XXXXXX
-----------------------------------------------------------------------------------
=================================================
ex2300 리부팅
user@switch# run request system reboot
=================================================
'네트워크' 카테고리의 다른 글
| Cisco 점검명령어 (0) | 2023.06.15 |
|---|