Browse Source

Update 'rb_latest_config_display_set_srx'

master
ylmcc 2 years ago
parent
commit
ee5ee73e6b
1 changed files with 180 additions and 180 deletions
  1. +180
    -180
      rb_latest_config_display_set_srx

rb_latest_config_display_set.txt → rb_latest_config_display_set_srx View File

@@ -1,181 +1,181 @@
set version 12.1X46-D40.2
set system host-name cerberus
set system time-zone GMT
set system root-authentication encrypted-password "$1$5a81bcLc$1iBwYxR5QREg0cGBty1G.1"
set system name-server 208.67.222.222
set system name-server 208.67.220.220
set system name-resolution no-resolve-on-input
set system login message "#############################################################################################################################\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t All connections are monitored and recorded \t\t \n\t\t Disconnect IMMEDIATELY if you are not an authorized user!\t\t\t\t\t\t\t\t\t \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t \n##############################################################################################################################"
set system login user admin uid 2000
set system login user admin class super-user
set system login user admin authentication encrypted-password "$1$PhkoFBjA$ljDz7mgHnfwgFjcEH1lUo0"
set system login user kyle uid 2002
set system login user kyle class super-user
set system login user kyle authentication encrypted-password "$1$TXCvgFds$SFfnLuVj1EDmkfJeYh5Rk0"
set system services ssh
set system syslog archive size 100k
set system syslog archive files 3
set system syslog user * any emergency
set system syslog host log.internal explicit-priority
set system syslog host log.internal structured-data brief
set system syslog file messages any critical
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands error
set system syslog source-address 192.168.0.30
set system max-configurations-on-flash 49
set system max-configuration-rollbacks 49
set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
set system ntp server time.dcu.ie
set interfaces ge-0/0/0 description "Link to DCU Core"
set interfaces ge-0/0/0 unit 0 family inet address 136.206.33.142/26
set interfaces ge-0/0/1 description "Trunk Link to Sebastian"
set interfaces ge-0/0/1 vlan-tagging
set interfaces ge-0/0/1 unit 0 vlan-id 0
set interfaces ge-0/0/1 unit 1 vlan-id 3
set interfaces ge-0/0/1 unit 1 family inet address 192.168.0.254/24
set interfaces ge-0/0/1 unit 2 vlan-id 4
set interfaces ge-0/0/1 unit 2 family inet address 192.168.1.254/24
set interfaces ge-0/0/1 unit 16 vlan-id 16
set interfaces ge-0/0/1 unit 16 family inet address 136.206.16.254/24
set interfaces ge-0/0/1 unit 122 vlan-id 122
set interfaces ge-0/0/1 unit 122 family inet address 136.206.15.254/24
set interfaces ge-0/0/1 unit 999 vlan-id 999
set interfaces ge-0/0/1 unit 999 family inet address 172.168.1.1/24
set interfaces ge-0/0/5 description "VPN Management"
set interfaces ge-0/0/5 unit 0 family inet address 136.206.16.254/24
set interfaces ge-0/0/7 vlan-tagging
set interfaces ge-0/0/7 unit 0 vlan-id 0
set interfaces ge-0/0/7 unit 30 vlan-id 30
set interfaces ge-0/0/7 unit 30 family inet address 1.1.1.1/24
set routing-options static route 0.0.0.0/0 next-hop 136.206.33.190
set routing-options resolution
set protocols lldp interface all
set security screen ids-option untrust-screen icmp ping-death
set security screen ids-option untrust-screen ip source-route-option
set security screen ids-option untrust-screen ip tear-drop
set security screen ids-option untrust-screen tcp syn-flood alarm-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood attack-threshold 200
set security screen ids-option untrust-screen tcp syn-flood source-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood destination-threshold 2048
set security screen ids-option untrust-screen tcp syn-flood timeout 20
set security screen ids-option untrust-screen tcp land
set security nat source pool nat_EMAIL address 136.206.15.5/32
set security nat source rule-set OUT-TEST from zone trust
set security nat source rule-set OUT-TEST to zone WAN
set security nat source rule-set OUT-TEST rule EMAIL_OUT match source-address 192.168.0.135/32
set security nat source rule-set OUT-TEST rule EMAIL_OUT then source-nat pool nat_EMAIL
set security nat source rule-set OUT-TEST rule r1 match source-address 172.168.1.0/24
set security nat source rule-set OUT-TEST rule r1 match source-address 192.168.0.1/24
set security nat source rule-set OUT-TEST rule r1 then source-nat interface
deactivate security nat source rule-set OUT-TEST rule r1
set security nat destination pool nat_Test address 192.168.0.135/32
set security nat destination rule-set rs1 from interface ge-0/0/0.0
set security nat destination rule-set rs1 rule r1 match destination-address 136.206.15.5/32
set security nat destination rule-set rs1 rule r1 then destination-nat pool nat_Test
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match source-address dcu_supernet
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match destination-address redbrick_primary_subnet
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match application junos-http
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match application junos-https
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match application junos-dns-udp
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match application junos-dns-tcp
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match application junos-ldap
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match application LDAPS
set security policies from-zone WAN to-zone ServersPublic policy dcu_access then permit
set security policies from-zone WAN to-zone ServersPublic policy MOSH match source-address any
set security policies from-zone WAN to-zone ServersPublic policy MOSH match destination-address MOSH_ACCESS
set security policies from-zone WAN to-zone ServersPublic policy MOSH match application junos-ssh
set security policies from-zone WAN to-zone ServersPublic policy MOSH then permit
deactivate security policies from-zone WAN to-zone ServersPublic policy MOSH
set security policies from-zone WAN to-zone ServersPublic policy GAME_SOC_ACCESS match source-address any
set security policies from-zone WAN to-zone ServersPublic policy GAME_SOC_ACCESS match destination-address GAME_SOC_SERVER
set security policies from-zone WAN to-zone ServersPublic policy GAME_SOC_ACCESS match application any
set security policies from-zone WAN to-zone ServersPublic policy GAME_SOC_ACCESS then permit
set security policies from-zone WAN to-zone ServersPublic policy internet_access match source-address any
set security policies from-zone WAN to-zone ServersPublic policy internet_access match destination-address redbrick_primary_subnet
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-http
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-https
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-ssh
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-smtp
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-pop3
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-imap
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-imaps
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-dns-tcp
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-dns-udp
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application irc_peering_tcp_6668
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application irc_tls_tcp_6697
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application irc_tcp_6667
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application pop3s_tcp_995
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application tcp_465
set security policies from-zone WAN to-zone ServersPublic policy internet_access then permit
set security policies from-zone WAN to-zone ServersPublic policy drop_and_log match source-address any
set security policies from-zone WAN to-zone ServersPublic policy drop_and_log match destination-address any
set security policies from-zone WAN to-zone ServersPublic policy drop_and_log match application any
set security policies from-zone WAN to-zone ServersPublic policy drop_and_log then deny
set security policies from-zone WAN to-zone ServersPublic policy drop_and_log then log session-init
set security policies from-zone WAN to-zone ServersPublic policy drop_and_log then log session-close
set security policies from-zone ServersPublic to-zone WAN policy DENY_MOSH match source-address MOSH_ACCESS
set security policies from-zone ServersPublic to-zone WAN policy DENY_MOSH match destination-address any
set security policies from-zone ServersPublic to-zone WAN policy DENY_MOSH match application junos-ssh
set security policies from-zone ServersPublic to-zone WAN policy DENY_MOSH then permit
set security policies from-zone ServersPublic to-zone WAN policy Internet match source-address any
set security policies from-zone ServersPublic to-zone WAN policy Internet match destination-address any
set security policies from-zone ServersPublic to-zone WAN policy Internet match application any
set security policies from-zone ServersPublic to-zone WAN policy Internet then permit
set security policies from-zone trust to-zone WAN policy Allow-All match source-address any
set security policies from-zone trust to-zone WAN policy Allow-All match destination-address any
set security policies from-zone trust to-zone WAN policy Allow-All match application any
set security policies from-zone trust to-zone WAN policy Allow-All then permit
set security policies from-zone WAN to-zone trust policy test_inbound match source-address any
set security policies from-zone WAN to-zone trust policy test_inbound match destination-address test
set security policies from-zone WAN to-zone trust policy test_inbound match application any
set security policies from-zone WAN to-zone trust policy test_inbound then permit
set security policies from-zone WAN to-zone trust policy test_inbound then log session-close
set security policies from-zone VPN to-zone WAN policy Management_ACCESS match source-address any
set security policies from-zone VPN to-zone WAN policy Management_ACCESS match destination-address any
set security policies from-zone VPN to-zone WAN policy Management_ACCESS match application any
set security policies from-zone VPN to-zone WAN policy Management_ACCESS then permit
set security policies from-zone VPN to-zone WAN policy Management_ACCESS then log session-close
set security policies from-zone WAN to-zone VPN policy VPN_IN match source-address any
set security policies from-zone WAN to-zone VPN policy VPN_IN match destination-address any
set security policies from-zone WAN to-zone VPN policy VPN_IN match application any
set security policies from-zone WAN to-zone VPN policy VPN_IN then permit
set security policies from-zone WAN to-zone VPN policy VPN_IN then log session-close
set security zones security-zone ServersPublic address-book address redbrick_primary_subnet 136.206.15.0/24
set security zones security-zone ServersPublic address-book address GAME_SOC_SERVER 136.206.15.41/32
set security zones security-zone ServersPublic address-book address MOSH_ACCESS 136.206.15.73/32
set security zones security-zone ServersPublic interfaces ge-0/0/1.0 host-inbound-traffic system-services ping
set security zones security-zone ServersPublic interfaces ge-0/0/1.122
set security zones security-zone ServersPublic interfaces ge-0/0/1.16
set security zones security-zone WAN address-book address dcu_supernet 136.206.0.0/16
set security zones security-zone WAN address-book address GAME_SOC_SERVER 136.206.15.41/32
set security zones security-zone WAN address-book address MOSH_ACCESS 136.206.15.73/32
set security zones security-zone WAN interfaces ge-0/0/0.0 host-inbound-traffic system-services ssh
set security zones security-zone WAN interfaces ge-0/0/0.0 host-inbound-traffic system-services ping
set security zones security-zone trust address-book address test 192.168.0.135/32
set security zones security-zone trust host-inbound-traffic system-services ping
set security zones security-zone trust host-inbound-traffic system-services ssh
set security zones security-zone trust interfaces ge-0/0/1.1
set security zones security-zone trust interfaces ge-0/0/1.2
set security zones security-zone trust interfaces ge-0/0/1.999
set security zones security-zone trust interfaces ge-0/0/7.30
set security zones security-zone VPN host-inbound-traffic system-services ping
set security zones security-zone VPN host-inbound-traffic system-services ssh
set security zones security-zone VPN interfaces ge-0/0/5.0
set applications application irc_peering_tcp_6668 protocol tcp
set applications application irc_peering_tcp_6668 destination-port 6668
set applications application irc_peering_tcp_6668 description "IRC Peering"
set applications application irc_tcp_6667 protocol tcp
set applications application irc_tcp_6667 destination-port 6667
set applications application irc_tcp_6667 description IRC
set applications application irc_tls_tcp_6697 protocol tcp
set applications application irc_tls_tcp_6697 destination-port 6697
set applications application irc_tls_tcp_6697 description "IRC TLS"
set applications application tcp_465 protocol tcp
set applications application tcp_465 destination-port 465
set applications application tcp_465 description "Mail? d_fens requested"
set applications application pop3s_tcp_995 protocol tcp
set applications application pop3s_tcp_995 destination-port 995
set applications application pop3s_tcp_995 description POP3S
set applications application LDAPS protocol tcp
set applications application LDAPS destination-port 636
set version 12.1X46-D40.2
set system host-name cerberus
set system time-zone GMT
set system root-authentication encrypted-password "$1$5a81bcLc$1iBwYxR5QREg0cGBty1G.1"
set system name-server 208.67.222.222
set system name-server 208.67.220.220
set system name-resolution no-resolve-on-input
set system login message "#############################################################################################################################\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t All connections are monitored and recorded \t\t \n\t\t Disconnect IMMEDIATELY if you are not an authorized user!\t\t\t\t\t\t\t\t\t \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t \n##############################################################################################################################"
set system login user admin uid 2000
set system login user admin class super-user
set system login user admin authentication encrypted-password "$1$PhkoFBjA$ljDz7mgHnfwgFjcEH1lUo0"
set system login user kyle uid 2002
set system login user kyle class super-user
set system login user kyle authentication encrypted-password "$1$TXCvgFds$SFfnLuVj1EDmkfJeYh5Rk0"
set system services ssh
set system syslog archive size 100k
set system syslog archive files 3
set system syslog user * any emergency
set system syslog host log.internal explicit-priority
set system syslog host log.internal structured-data brief
set system syslog file messages any critical
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands error
set system syslog source-address 192.168.0.30
set system max-configurations-on-flash 49
set system max-configuration-rollbacks 49
set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
set system ntp server time.dcu.ie
set interfaces ge-0/0/0 description "Link to DCU Core"
set interfaces ge-0/0/0 unit 0 family inet address 136.206.33.142/26
set interfaces ge-0/0/1 description "Trunk Link to Sebastian"
set interfaces ge-0/0/1 vlan-tagging
set interfaces ge-0/0/1 unit 0 vlan-id 0
set interfaces ge-0/0/1 unit 1 vlan-id 3
set interfaces ge-0/0/1 unit 1 family inet address 192.168.0.254/24
set interfaces ge-0/0/1 unit 2 vlan-id 4
set interfaces ge-0/0/1 unit 2 family inet address 192.168.1.254/24
set interfaces ge-0/0/1 unit 16 vlan-id 16
set interfaces ge-0/0/1 unit 16 family inet address 136.206.16.254/24
set interfaces ge-0/0/1 unit 122 vlan-id 122
set interfaces ge-0/0/1 unit 122 family inet address 136.206.15.254/24
set interfaces ge-0/0/1 unit 999 vlan-id 999
set interfaces ge-0/0/1 unit 999 family inet address 172.168.1.1/24
set interfaces ge-0/0/5 description "VPN Management"
set interfaces ge-0/0/5 unit 0 family inet address 136.206.16.254/24
set interfaces ge-0/0/7 vlan-tagging
set interfaces ge-0/0/7 unit 0 vlan-id 0
set interfaces ge-0/0/7 unit 30 vlan-id 30
set interfaces ge-0/0/7 unit 30 family inet address 1.1.1.1/24
set routing-options static route 0.0.0.0/0 next-hop 136.206.33.190
set routing-options resolution
set protocols lldp interface all
set security screen ids-option untrust-screen icmp ping-death
set security screen ids-option untrust-screen ip source-route-option
set security screen ids-option untrust-screen ip tear-drop
set security screen ids-option untrust-screen tcp syn-flood alarm-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood attack-threshold 200
set security screen ids-option untrust-screen tcp syn-flood source-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood destination-threshold 2048
set security screen ids-option untrust-screen tcp syn-flood timeout 20
set security screen ids-option untrust-screen tcp land
set security nat source pool nat_EMAIL address 136.206.15.5/32
set security nat source rule-set OUT-TEST from zone trust
set security nat source rule-set OUT-TEST to zone WAN
set security nat source rule-set OUT-TEST rule EMAIL_OUT match source-address 192.168.0.135/32
set security nat source rule-set OUT-TEST rule EMAIL_OUT then source-nat pool nat_EMAIL
set security nat source rule-set OUT-TEST rule r1 match source-address 172.168.1.0/24
set security nat source rule-set OUT-TEST rule r1 match source-address 192.168.0.1/24
set security nat source rule-set OUT-TEST rule r1 then source-nat interface
deactivate security nat source rule-set OUT-TEST rule r1
set security nat destination pool nat_Test address 192.168.0.135/32
set security nat destination rule-set rs1 from interface ge-0/0/0.0
set security nat destination rule-set rs1 rule r1 match destination-address 136.206.15.5/32
set security nat destination rule-set rs1 rule r1 then destination-nat pool nat_Test
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match source-address dcu_supernet
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match destination-address redbrick_primary_subnet
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match application junos-http
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match application junos-https
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match application junos-dns-udp
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match application junos-dns-tcp
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match application junos-ldap
set security policies from-zone WAN to-zone ServersPublic policy dcu_access match application LDAPS
set security policies from-zone WAN to-zone ServersPublic policy dcu_access then permit
set security policies from-zone WAN to-zone ServersPublic policy MOSH match source-address any
set security policies from-zone WAN to-zone ServersPublic policy MOSH match destination-address MOSH_ACCESS
set security policies from-zone WAN to-zone ServersPublic policy MOSH match application junos-ssh
set security policies from-zone WAN to-zone ServersPublic policy MOSH then permit
deactivate security policies from-zone WAN to-zone ServersPublic policy MOSH
set security policies from-zone WAN to-zone ServersPublic policy GAME_SOC_ACCESS match source-address any
set security policies from-zone WAN to-zone ServersPublic policy GAME_SOC_ACCESS match destination-address GAME_SOC_SERVER
set security policies from-zone WAN to-zone ServersPublic policy GAME_SOC_ACCESS match application any
set security policies from-zone WAN to-zone ServersPublic policy GAME_SOC_ACCESS then permit
set security policies from-zone WAN to-zone ServersPublic policy internet_access match source-address any
set security policies from-zone WAN to-zone ServersPublic policy internet_access match destination-address redbrick_primary_subnet
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-http
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-https
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-ssh
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-smtp
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-pop3
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-imap
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-imaps
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-dns-tcp
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application junos-dns-udp
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application irc_peering_tcp_6668
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application irc_tls_tcp_6697
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application irc_tcp_6667
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application pop3s_tcp_995
set security policies from-zone WAN to-zone ServersPublic policy internet_access match application tcp_465
set security policies from-zone WAN to-zone ServersPublic policy internet_access then permit
set security policies from-zone WAN to-zone ServersPublic policy drop_and_log match source-address any
set security policies from-zone WAN to-zone ServersPublic policy drop_and_log match destination-address any
set security policies from-zone WAN to-zone ServersPublic policy drop_and_log match application any
set security policies from-zone WAN to-zone ServersPublic policy drop_and_log then deny
set security policies from-zone WAN to-zone ServersPublic policy drop_and_log then log session-init
set security policies from-zone WAN to-zone ServersPublic policy drop_and_log then log session-close
set security policies from-zone ServersPublic to-zone WAN policy DENY_MOSH match source-address MOSH_ACCESS
set security policies from-zone ServersPublic to-zone WAN policy DENY_MOSH match destination-address any
set security policies from-zone ServersPublic to-zone WAN policy DENY_MOSH match application junos-ssh
set security policies from-zone ServersPublic to-zone WAN policy DENY_MOSH then permit
set security policies from-zone ServersPublic to-zone WAN policy Internet match source-address any
set security policies from-zone ServersPublic to-zone WAN policy Internet match destination-address any
set security policies from-zone ServersPublic to-zone WAN policy Internet match application any
set security policies from-zone ServersPublic to-zone WAN policy Internet then permit
set security policies from-zone trust to-zone WAN policy Allow-All match source-address any
set security policies from-zone trust to-zone WAN policy Allow-All match destination-address any
set security policies from-zone trust to-zone WAN policy Allow-All match application any
set security policies from-zone trust to-zone WAN policy Allow-All then permit
set security policies from-zone WAN to-zone trust policy test_inbound match source-address any
set security policies from-zone WAN to-zone trust policy test_inbound match destination-address test
set security policies from-zone WAN to-zone trust policy test_inbound match application any
set security policies from-zone WAN to-zone trust policy test_inbound then permit
set security policies from-zone WAN to-zone trust policy test_inbound then log session-close
set security policies from-zone VPN to-zone WAN policy Management_ACCESS match source-address any
set security policies from-zone VPN to-zone WAN policy Management_ACCESS match destination-address any
set security policies from-zone VPN to-zone WAN policy Management_ACCESS match application any
set security policies from-zone VPN to-zone WAN policy Management_ACCESS then permit
set security policies from-zone VPN to-zone WAN policy Management_ACCESS then log session-close
set security policies from-zone WAN to-zone VPN policy VPN_IN match source-address any
set security policies from-zone WAN to-zone VPN policy VPN_IN match destination-address any
set security policies from-zone WAN to-zone VPN policy VPN_IN match application any
set security policies from-zone WAN to-zone VPN policy VPN_IN then permit
set security policies from-zone WAN to-zone VPN policy VPN_IN then log session-close
set security zones security-zone ServersPublic address-book address redbrick_primary_subnet 136.206.15.0/24
set security zones security-zone ServersPublic address-book address GAME_SOC_SERVER 136.206.15.41/32
set security zones security-zone ServersPublic address-book address MOSH_ACCESS 136.206.15.73/32
set security zones security-zone ServersPublic interfaces ge-0/0/1.0 host-inbound-traffic system-services ping
set security zones security-zone ServersPublic interfaces ge-0/0/1.122
set security zones security-zone ServersPublic interfaces ge-0/0/1.16
set security zones security-zone WAN address-book address dcu_supernet 136.206.0.0/16
set security zones security-zone WAN address-book address GAME_SOC_SERVER 136.206.15.41/32
set security zones security-zone WAN address-book address MOSH_ACCESS 136.206.15.73/32
set security zones security-zone WAN interfaces ge-0/0/0.0 host-inbound-traffic system-services ssh
set security zones security-zone WAN interfaces ge-0/0/0.0 host-inbound-traffic system-services ping
set security zones security-zone trust address-book address test 192.168.0.135/32
set security zones security-zone trust host-inbound-traffic system-services ping
set security zones security-zone trust host-inbound-traffic system-services ssh
set security zones security-zone trust interfaces ge-0/0/1.1
set security zones security-zone trust interfaces ge-0/0/1.2
set security zones security-zone trust interfaces ge-0/0/1.999
set security zones security-zone trust interfaces ge-0/0/7.30
set security zones security-zone VPN host-inbound-traffic system-services ping
set security zones security-zone VPN host-inbound-traffic system-services ssh
set security zones security-zone VPN interfaces ge-0/0/5.0
set applications application irc_peering_tcp_6668 protocol tcp
set applications application irc_peering_tcp_6668 destination-port 6668
set applications application irc_peering_tcp_6668 description "IRC Peering"
set applications application irc_tcp_6667 protocol tcp
set applications application irc_tcp_6667 destination-port 6667
set applications application irc_tcp_6667 description IRC
set applications application irc_tls_tcp_6697 protocol tcp
set applications application irc_tls_tcp_6697 destination-port 6697
set applications application irc_tls_tcp_6697 description "IRC TLS"
set applications application tcp_465 protocol tcp
set applications application tcp_465 destination-port 465
set applications application tcp_465 description "Mail? d_fens requested"
set applications application pop3s_tcp_995 protocol tcp
set applications application pop3s_tcp_995 destination-port 995
set applications application pop3s_tcp_995 description POP3S
set applications application LDAPS protocol tcp
set applications application LDAPS destination-port 636
set applications application LDAPS description LDAPS

Loading…
Cancel
Save