JUNOS : Configuring Layer 2 Logical Interfaces

J-Web Configuration

To configure a Layer 2 logical interface as a trunk port:

1. Select Configure>CLI Tools>Point and Click CLI.
2. Next to Interfaces, click Configure or Edit.
3. In the Interface name column, select ge-3/0/0.
4. Under Unit, in the Interface unit number column, click 0.
5. Next to Family group, select Bridge and then click Configure.
6. Next to Interface mode, select trunk.
7. Next to Vlan list, select Vlan id list.
8. In the Vlan id box, type 1–10.
9. Click OK to return to the Family page.
10. Click OK to return to the Unit page.
11. Click OK to return to the Interface page.
12. Click OK to return to the Interfaces page.

To configure a VLAN ID for untagged packets received on a physical interface:

1. Select Configure>CLI Tools>Point and Click CLI.
2. Next to Interfaces, click Configure or Edit.
3. In the Interface name column, select ge-3/0/0.
4. In the Native vlan id box, type 10.
5. Next to Vlan tag mode, select Vlan tagging.
6. Click OK to return to the Interfaces page.

CLI Configuration

To configure a Layer 2 logical interface as a trunk port:

user@host# set interfaces ge-3/0/0 unit 0 family bridge interface-mode trunk vlan-id-list 1–10

To configure a VLAN identifier for untagged packets received on a physical interface:

user@host# set interfaces ge-3/0/0 vlan-tagging native-vlan-id 10

JUNOS: Features and Benefits

JUNOS software helps customers in specific, measurable ways to improve the availability and delivery of services, to reduce operations effort and errors, and to meet new business needs — with a long list of distinct attributes that set it apart from other network operating systems.

JUNOS Software Advantage	JUNOS Software Attributes
Continuous Systems Improve the availability, performance and security of services	Fault-tolerant modularity - enhances software stability and uptime with independent operation and restart of modules. Dedicated resources for routing and packet forwarding - provide predictable performance as new services are activated and with a command-line interface (CLI) that doesn't lock-up. High availability features - preserve forwarding and routing operations during device events with non-stop forwarding, Graceful Routing Engine Switchover, non-stop routing, etc. Single release train - enables the development control and extensive regression testing that underlie the software stability. Secure Operating System - protects with secure administration and advanced security features, including Stateful firewall, VPNs, etc. that deliver high throughput with many activated policies. Automated operations (see row below) - prevent human errors and provide proactive measures to reduce the total number, severity and duration of events.
Automated Operations Reduce operations effort and errors	Single implementation of each feature - provides a common user experience regardless of platform to simplify deployment and training. Error-resilient configuration - prevents incomplete or incorrect configurations from becoming active in the network. On-box, custom commit scripts - ensure that configurations are error-free and in compliance to each organization's policies to prevent outages and security vulnerabilities caused by human error. On-box, custom operation (op) scripts and event policies - automate finding and proactively resolving issues from the first, leading indicators to reduce the number, severity and duration of events. Single release train - removes significant risk and effort from network upgrades.
Flexible Innovation Meet new business needs	Session Resource and Control portfolio and Open IP Service Creation Program - extend policy and control to applications and other systems to deliver a rich set of IP services. NETCONF/XML interfaces - support flexible integration to management and operations systems. JUNOScope IP Service Manager 413 KB and J-Web 86 KB provide central and web-based management of JUNOS-based platforms. Systematic development process - predictably provides many new features each quarter to protect investment by meeting new service needs.

Google Malaysia Been Cracked.

Today 11 Oct 2013, 9:00 am Google Malaysia web site ( www.google.com.my) by cracked.

Junos : Local Web filtering

To configure local Web filtering using the CLI, you must first create your custom objects.

1. Configure a URL pattern list custom object by creating the list name and adding values to it as follows:

   Note: Because you use URL pattern lists to create custom URL category lists, you must configure URL pattern list custom objects before you configure custom URL category lists. The URL and IP address is added in this example.

   user@host# set security utm custom-objects url-pattern urllist3 value [http://www.juniper.net 1.2.3.4]

   user@host# set security utm custom-objects url-pattern urllist4 value [http://www.acmegizmo.com 1.2.3.4]

   Note: URL pattern wildcard support—The wildcard rule is as follows: \*\.[]\?* and you must precede all wildcard URLs with http://. You can only use “*” if it is at the beginning of the URL and is followed by a “.”. You can only use “?” at the end of the URL. The following wildcard syntax is supported: http://*.juniper.net, http://www.juniper.ne?, http://www.juniper.n??. The following wildcard syntax is NOT supported: *.juniper.net , www.juniper.ne?, http://*juniper.net, http://*.

1. Configure a custom URL category list custom object by using the URL pattern list you created as follows:

   user@host# set security utm custom-objects custom-url-category custurl3 value urllist3

   user@host# set security utm custom-objects custom-url-category custurl4 value urllist4

Now that your custom objects have been created, you can configure the juniper-local Web filtering feature profile.

1. If you are using included global whitelist and blacklist categories, select those global categories. This is the first filtering category that both integrated, redirect, and local Web filtering use. If no match is made, the configured default fallback action is performed. 

2. user@host# set security utm feature-profile web-filtering url-blacklist custurl3

   user@host# set security utm feature-profile web-filtering url-whitelist custurl4

3. Select juniper-local as your Web filtering engine as follows:

   user@host# set security utm feature-profile web-filtering type juniper-local

4. Create a juniper-local profile by first creating a profile with a default action (permit, log and permit, block) for requests that experience errors as follows:

   user@host# set security utm feature-profile web-filtering juniper–local profile localprofile1 default permit

5. Enter a custom message to be sent when HTTP requests are blocked.

   user@host# set security utm feature-profile web-filtering juniper-local profile localprofile1 custom-block-message “Access to this site is not permitted”

6. Select fallback settings (block or log and permit) for this profile. The fallback actions are taken when errors in each configured category occur.

   user@host# set security utm feature-profile web-filtering juniper–local profile localprofile1 fallback-settings default block

   user@host# set security utm feature-profile web-filtering juniper–local profile localprofile1 fallback-settings too-many-requests block

1. Configure a UTM policy for the Web filtering protocol and attach this policy to a profile. CLI commands for configuring a UTM policy for HTTP Web filtering, and attaching that policy to a profile you created earlier for content filtering are:

   user@host# set security utm utm-policy utmp5 web-filtering http-profile localprofile1

2. Attach the UTM policy to a firewall security policy.

   user@host# set security policies from-zone trust to-zone untrust policy p5 match source-address any

   user@host# set security policies from-zone trust to-zone untrust policy p5 match destination-address any

   user@host# set security policies from-zone trust to-zone untrust policy p5 match application junos-http

   user@host# set security policies from-zone trust to-zone untrust policy p5 then permit application-services utm-policy utmp5