Junos : Configuring Management Access

SRX Series device is configured to allow secure management access and apply NAT to all outbound traffic.    

• Set the root user password.
          set system root-authentication plain-text-password(will prompt for password)
     
• Set the system host name.
          set system host-namesrx-1
     
• Assign interface fe-0/0/7 to the untrust zone (zone names are case sensitive).
          set security zone security-zone untrust interface fe-0/0/7
     
• Set name server parameter.
          set system name-server <ip address>
     
• fe-0/0/7 IP address and default route configuration.
            a) To assign the IP address and gateway statically:
            set interfaces fe-0/0/7 unit 0 family inet address 1.1.1.1/30
            set routing-options static route 0.0.0.0/0 next-hop < ip address of the upstream router>
            b) To configure interfaces fe-0/0/7 to obtain an IP address and default gateway from a DHCP server:
            set interfaces fe-0/0/7 unit 0 family inet dhcp
            set security zones security-zone untrust interfaces fe-0/0/7.0 host-inbound-traffic system-services dhcp
             
• Create a NAT rule for source translation of all Internet-bound traffic.
            set security nat source rule-set interface-nat from zone trust
            set security nat source rule-set interface-nat to zone untrust
            set security nat source rule-set interface-nat rule rule1 match source-address 0.0.0.0/0 destination-address 0.0.0.0/0
            set security nat source rule-set interface-nat rule rule1 then source-nat interface
             
• Use the “commit” command at the CLI prompt to activate the configuration.
            commit