# SRX
show security policies hit-count less-than 2
# juniper firmware upgrade
show security policies hit-count less-than 2
# juniper firmware upgrade
mount_msdosfs /dev/da1s1 /mnt # da1s1
cp /mnt/EX2200-12.3R12-S7.tgz /var/tmp/
request system software add /var/tmp/EX2200-12.3R12-S7.tgz
request system reboot
# juniper copy current partition to either partition
request system snapshot slice alternate
#request system snapshot media internal slice alternate
reboot # that's how u do it
#request system reboot slice alternate media internal # that's where u're wrong...
# juniper interfaces bulk configuration
set interfaces interface-range RANGE1 member-range ge-0/0/0 to ge-1/0/47
set interfaces interface-range RANGE1 unit 0 family ethernet-switching
# juniper force user logout from juniper
request system logout .....
# juniper read config from copy-past.
load set terminal
#juniper disable Amber alarm
request system configuration rescue save
#juniper disable Red alarm
set chassis alarm management-ethernet link-down ignore
# fixing juniper "db>"
db> cont
https://kb.juniper.net/InfoCenter/index?page=content&id=KB20635&actp=METADATA
# cisco
cisco#configure
cisco(config)#interface range gigabitEthernet 0/16 - 19
cisco(config-if-range)#no switchport port-security violation protect
cisco(config-if-range)#no switchport port-security mac-address sticky
cisco#show running-config
cisco#copy running-config startup-config
# juniper password reset
hitting "space bar" while boot.
boot -s
recovery
#juniper
bash /S/8ex.sh 'show interfaces terse |except \.0 |match ge- |match up\ \ \ \ \up '
show security policies from-zone ZONE1 to-zone ZONE2 policy-name SOMETHINGLIKEZONE1TOZONE2
# cisco
enable
show interface status
enable
show interface brief
enable
show|begine password: show all password configuration
enable
show|include: just like grep, specified case\
# juniper allow package through different path
set security flow tcp-session no-sequence-check
set security flow tcp-session no-syn-check
set security flow allow-dns-reply
# cisco checking mac address
show mac table on cisco+match:show mac-address-table | i 5/34
show mac address+match: sh arp | i FFFF
# juniper stacking, virtual chassis
set no-split-detection
request virtual-chassis vc-port set pic-slot 1 port 0
request virtual-chassis vc-port set pic-slot 1 port 1
# staking is actually ready after above 2 line...
set virtual-chassis preprovisioned
set virtual-chassis no-split-detection
set virtual-chassis member 0 role routing-engine
set virtual-chassis member 0 serial-number ##########
set virtual-chassis member 1 role routing-engine
set virtual-chassis member 1 serial-number ############
# juniper LACP
set interfaces ge-1/0/3 ether-options 802.3ad ae0
set interfaces ae0 aggregated-ether-options lacp active #force up for esxi??
set interfaces ae0 unit 0 family ethernet-switching port-mode trunk
set interfaces ae0 unit 0 family ethernet-switching vlan members all
# juniper Graceful Routing Engine switchover (GRES):
# set virtual-chassis member 0 mastership-priority 255
# set virtual-chassis member 1 mastership-priority 255
# set chassis redundancy graceful-switchover
# MAC authentication with Windows Server 2003
http://kb.juniper.net/InfoCenter/index?page=content&id=KB26996&actp=search
http://kb.juniper.net/InfoCenter/index?page=content&id=KB26996&actp=search
No comments:
Post a Comment