root@lz# commit
warning: Interfaces are changed from route mode to transparent mode. Please reboot the device or all nodes in the HA cluster! commit complete
root# run show configuration | display set set version 11.1R3.5
set system root-authentication encrypted-password \set system name-server 208.67.222.222 set system name-server 208.67.220.220 set system services ssh set system services telnet
set system services xnm-clear-text
set system services web-management http interface vlan.0 set system services web-management http interface irb.0
set system services web-management https system-generated-certificate set system services web-management https interface vlan.0 set system services dhcp propagate-settings ge-0/0/0.0 set system syslog archive size 100k set system syslog archive files 3
set system syslog user * any emergency set system syslog file messages any critical
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands error set system max-configurations-on-flash 5 set system max-configuration-rollbacks 5
set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval set interfaces ge-0/0/0 unit 0 family bridge interface-mode access set interfaces ge-0/0/0 unit 0 family bridge vlan-id 10
set interfaces ge-0/0/1 unit 0 family bridge interface-mode access set interfaces ge-0/0/1 unit 0 family bridge vlan-id 10
set interfaces ge-0/0/2 unit 0 family bridge interface-mode access set interfaces ge-0/0/2 unit 0 family bridge vlan-id 10
set interfaces ge-0/0/3 unit 0 family bridge interface-mode access set interfaces ge-0/0/3 unit 0 family bridge vlan-id 10
set interfaces ge-0/0/4 unit 0 family bridge interface-mode access set interfaces ge-0/0/4 unit 0 family bridge vlan-id 10
set interfaces irb unit 0 family inet address 192.168.201.206/24 set interfaces vlan unit 0
set routing-options static route 0.0.0.0/0 next-hop 192.168.201.251 set protocols stp
set security screen ids-option untrust-screen icmp ping-death
set security screen ids-option untrust-screen ip source-route-option
set security screen ids-option untrust-screen ip tear-drop
set security screen ids-option untrust-screen tcp syn-flood alarm-threshold 1024 set security screen ids-option untrust-screen tcp syn-flood attack-threshold 200 set security screen ids-option untrust-screen tcp syn-flood source-threshold 1024 set security screen ids-option untrust-screen tcp syn-flood destination-threshold 2048 set security screen ids-option untrust-screen tcp syn-flood timeout 20 set security screen ids-option untrust-screen tcp land
set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit
set security policies from-zone trust to-zone untrust policy trust-to-untrust then log session-init set security policies from-zone trust to-zone untrust policy trust-to-untrust then log session-close set security policies from-zone trust to-zone untrust policy trust-to-untrust then count set security zones security-zone trust host-inbound-traffic system-services all set security zones security-zone trust host-inbound-traffic protocols all set security zones security-zone trust interfaces ge-0/0/1.0 set security zones security-zone trust interfaces ge-0/0/2.0 set security zones security-zone trust interfaces ge-0/0/3.0 set security zones security-zone trust interfaces ge-0/0/4.0 set security zones security-zone untrust screen untrust-screen
set security zones security-zone untrust host-inbound-traffic system-services all set security zones security-zone untrust host-inbound-traffic protocols all set security zones security-zone untrust interfaces ge-0/0/0.0 set bridge-domains brige1 domain-type bridge set bridge-domains brige1 vlan-id 10
set bridge-domains brige1 routing-interface irb.0 set vlans vlan-trust vlan-id 3
set vlans vlan-trust l3-interface vlan.0
[edit]
