Navigation
SRX210 Factory Default Setting—A Sample
The following sample output shows the factory default configuration of an SRX210:
[edit]user@srx210-host# show system
system {autoinstallation {delete-upon-commit; ## Deletes [system autoinstallation] upon change/committraceoptions {level verbose;flag {all;}}interfaces {ge-0/0/0 {bootp;}}}name-server {208.67.222.222;208.67.220.220;}services {ssh;telnet;xnm-clear-text;web-management {http {interface vlan.0;}https {system-generated-certificate;interface vlan.0;}}dhcp {router {192.168.1.1;}pool 192.168.1.0/24 {address-range low 192.168.1.2 high 192.168.1.254;}propagate-settings ge-0/0/0.0;}}syslog {archive size 100k files 3;user * {any emergency;}file messages {any critical;authorization info;}file interactive-commands {interactive-commands error;}}max-configurations-on-flash 5;max-configuration-rollbacks 5;license {autoupdate {url https://ae1.juniper.net/junos/key_retrieval;}}## Warning: missing mandatory statement(s): 'root-authentication'}interfaces {ge-0/0/0 {unit 0;}ge-0/0/1 {unit 0 {family ethernet-switching {vlan {members vlan-trust;}}}}fe-0/0/2 {unit 0 {family ethernet-switching {vlan {members vlan-trust;}}}}fe-0/0/3 {unit 0 {family ethernet-switching {vlan {members vlan-trust;}}}}fe-0/0/4 {unit 0 {family ethernet-switching {vlan {members vlan-trust;}}}}fe-0/0/5 {unit 0 {family ethernet-switching {vlan {members vlan-trust;}}}}fe-0/0/6 {unit 0 {family ethernet-switching {vlan {members vlan-trust;}}}}fe-0/0/7 {unit 0 {family ethernet-switching {vlan {members vlan-trust;}}}}vlan {unit 0 {family inet {address 192.168.1.1/24;}}}}protocols {stp;}security {screen {ids-option untrust-screen {icmp {ping-death;}ip {source-route-option;tear-drop;}tcp {syn-flood {alarm-threshold 1024;attack-threshold 200;source-threshold 1024;destination-threshold 2048;timeout 20;}land;}}}nat {source {rule-set trust-to-untrust {from zone trust;to zone untrust;rule source-nat-rule {match {source-address 0.0.0.0/0;}then {source-nat {interface;}}}}}}policies {from-zone trust to-zone untrust {policy trust-to-untrust {match {source-address any;destination-address any;application any;}then {permit;}}}}zones {security-zone trust {host-inbound-traffic {system-services {all;}protocols {all;}}interfaces {vlan.0;}}security-zone untrust {screen untrust-screen;interfaces {ge-0/0/0.0 {host-inbound-traffic {system-services {dhcp;tftp;}}}}}}}vlans {vlan-trust {vlan-id 3;l3-interface vlan.0;}}
