Table of Contents
- About This Guide
- J Series and SRX Series Documentation and Release Notes
- Objectives
- Audience
- Supported Routing Platforms
- Document Conventions
- Documentation Feedback
- Requesting
Technical Support
- Configuration Statements
- Access Hierarchy and Statements
- Access Configuration Statement Hierarchy
- admin-search
- assemble
- authentication-order
- banner
- banner (FTP, HTTP, Telnet)
- banner (Web Authentication)
- base-distinguished-name
- client-group
- client-idle-timeout
- client-name-filter
- client-session-timeout
- configuration-file
- count
- default-profile
- distinguished-name
- domain-name
- fail
- firewall-authentication
- firewall-user
- ftp
- http
- ldap-options
- ldap-server
- login
- pass-through
- password
- port
- port (LDAP)
- port (RADIUS)
- radius-options
- radius-server
- retry
- retry (LDAP)
- retry (RADIUS)
- revert-interval
- revert-interval (LDAP)
- revert-interval (RADIUS)
- routing-instance
- routing-instance (LDAP)
- routing-instance (RADIUS)
- search
- search-filter
- secret
- securid-server
- separator
- session-options
- source-address
- source-address (LDAP)
- source-address (RADIUS)
- success
- telnet
- timeout
- timeout (LDAP Server)
- timeout (RADIUS Server)
- traceoptions
- web-authentication
- Accounting-Options Hierarchy
- Accounting-Options Configuration Statement Hierarchy
- Applications Hierarchy and Statements
- Applications Configuration Statement Hierarchy
- alg
- application-protocol
- destination-port
- icmp-code
- icmp-type
- inactivity-timeout
- protocol
- rpc-program-number
- source-port
- term
- uuid
- Bridge-Domains Hierarchy and Statements
- Bridge-Domains Configuration Statement Hierarchy
- bridge-domains
- bridge-options
- domain-type
- interface
- routing-interface
- static-mac
- vlan-id
- vlan-id-list
- Chassis Hierarchy and Statements
- Chassis Configuration Statement Hierarchy
- aggregated-devices ethernet device-count
- cluster
- control-link-recovery
- control-ports
- global-threshold
- global-weight
- gratuitous-arp-count
- heartbeat-interval
- heartbeat-threshold
- hold-down-interval
- interface
- interface-monitor
- ip-monitoring
- node
- node (Cluster)
- node (Redundancy-Group)
- pic-mode
- preempt
- priority
- redundancy-group
- retry-count
- retry-interval
- reth-count
- traceoptions
- tunnel-queuing
- weight
- Class-of-Service Hierarchy and Statements
- Class-of-Service Configuration Statement Hierarchy
- adaptive-shaper
- adaptive-shapers
- code-points (Forwarding Class)
- default
- frame-relay-de (Assigning to an Interface)
- frame-relay-de (Defining Loss Priority)
- frame-relay-de (Defining Rewrite Rule)
- loss-priority (Frame Relay DE Bit Loss-Priority Map)
- loss-priority (Rewrite Rules)
- loss-priority-maps (Assigning to an Interface)
- loss-priority-maps (Defining)
- rewrite-rules (Definition)
- rewrite-rules (Interfaces)
- scheduler-map (Virtual Channels)
- shaping-rate (Adaptive Shaping)
- shaping-rate (Applying to an Interface)
- shaping-rate (Virtual Channels)
- trigger
- virtual-channels
- virtual-channel-group
- virtual-channel-groups
- Event-Options Hierarchy
- Event-Options Configuration Statement Hierarchy
- Firewall Hierarchy and Statements
- Firewall Configuration Statement Hierarchy
- policer
- simple-filter
- Forwarding-Options Hierarchy and Statements
- Forwarding-Options Configuration Statement Hierarchy
- vpn
- Groups Hierarchy
- Groups Configuration Statement Hierarchy
- Interfaces Hierarchy and Statements
- Interfaces Configuration Statement Hierarchy
- access-point-name
- activation-priority
- aggregated-ether-options
- annex
- authentication-method
- bandwidth
- bearer-bandwidth-limit
- bundle
- cbr rate
- cellular-options
- client-identifier
- compression-device
- credit
- dhcp
- dynamic-call-admission-control
- encapsulation
- fabric-options
- family bridge
- flag
- flow-control
- fpc
- gsm-options
- interface (PIC Bundle)
- latency
- lease-time
- line-rate
- link-speed
- loopback
- member-interfaces
- minimum-links (reth options)
- native-vlan-id
- next-hop-tunnel
- no-flow-control
- no-loopback
- no-source-filtering
- pic-mode
- profiles
- promiscuous-mode
- quality
- radio-router
- redundancy-group
- redundant-ether-options
- redundant-parent
- redundant-parent (Fast Ethernet Options)
- redundant-parent (Gigabit Ethernet Options)
- resource
- retransmission-attempt
- retransmission-interval
- roaming-mode
- select-profile
- server-address
- simple-filter
- sip-password
- sip-user-id
- source-address-filter
- source-filtering
- threshold
- traceoptions
- update-server
- vbr rate
- vdsl-profile
- vendor-id
- vlan-tagging
- web-authentication
- Power Over Ethernet Hierarchy and Statements
- PoE Configuration Statement Hierarchy
- disable
- duration
- guard-band
- interface
- interval
- management
- maximum-power
- priority
- telemetries
- Policy-Options Hierarchy and Statements
- Policy-Options Configuration Statement Hierarchy
- condition
- route-active-on
- Protocols Hierarchy and Statements
- Protocols Configuration Statement Hierarchy
- disable
- end-system-configuration-timer
- esis
- graceful-restart
- hold-time
- interface
- global-mac-limit
- global-mac-table-aging-time
- global-no-mac-learning
- l2-learning
- packet-action
- preference
- traceoptions
- Routing-Instances Hierarchy
- Routing-Instances Configuration Statement Hierarchy
- Routing-Options Hierarchy
- Routing-Options Configuration Statement Hierarchy
- Schedulers Hierarchy and Statements
- Schedulers Configuration Statement Hierarchy
- all-day
- daily
- exclude
- friday
- monday
- saturday
- scheduler
- schedulers
- start-date
- start-time
- stop-date
- stop-time
- sunday
- thursday
- tuesday
- wednesday
- Security Hierarchy and Statements
- Security Configuration Statement Hierarchy
- access profile
- access-profile (Dynamic VPNs)
- access-profile (IPsec VPNs)
- ack-number
- action
- action (Application-Level DDoS)
- action (web filtering)
- active-policy
- action-profile
- address
- address (ARP Proxy)
- address (Destination NAT)
- address (IKE Gateway)
- address (Zone Address Book)
- address (Zone Address Set)
- address-book
- address-blacklist
- address-persistent
- address-set
- address-whitelist
- admin-email
- administrator
- aging
- alarm-threshold
- alarm-without-drop
- alert
- alg
- algorithm
- all-tcp
- allow-dns-reply
- allow-icmp-without-flow
- always-send
- anomaly
- antispam
- antispam (feature-profile)
- antispam (utm-policy)
- antivirus
- antivirus (feature-profile)
- antivirus (utm-policy)
- apn (gtp)
- application
- application (Application-Level DDoS)
- application (Protocol Binding Custom Attack)
- application (Security Policies)
- application-identification
- application-screen
- application-screen (H323)
- application-screen (MGCP)
- application-screen (SCCP)
- application-screen (SIP)
- application-services
- application-services (priority)
- application-services (Unified Access Control)
- application-services (WXC Integrated Services Module)
- application-system-cache
- application-system-cache-timeout
- attack-threshold
- attacks
- attacks (Exempt Rulebase)
- attacks (IPS Rulebase)
- attack-type
- attack-type (Anomaly)
- attack-type (Chain)
- attack-type (Signature)
- authentication
- authentication-algorithm
- authentication-method
- auto-re-enrollment
- automatic
- bind-interface
- block-command
- block-content-type
- block-mime
- bridge
- c-timeout
- ca-identity
- ca-profile
- ca-profile-name
- cache
- cache-size
- call-flood
- category
- category (Security Logging)
- category (web filtering)
- certificate
- certificate-id
- chain
- challenge-password
- clear-threshold
- clients
- code
- connection-rate-threshold
- connection-flood
- connections-limit
- container
- content-filtering
- content-filtering (feature-profile)
- content-filtering (utm-policy)
- content-size
- content-size-limit
- context
- context (Application-Level DDoS)
- corrupt-file
- count
- count (Custom Attack)
- count (Security Policies)
- crl
- custom-attack
- custom-attack-group
- custom-attacks
- custom-block-message
- custom-message
- custom-message (antivirus notification-options fallback-block/non-block)
- custom-message (antivirus notification-options virus-detection)
- custom-message (content-filter notification-options)
- custom-message-subject
- custom-message-subject (antivirus notification-options fallback-block/non-block)
- custom-message-subject (antivirus notification-options virus-detection)
- custom-message-subject (antivirus pattern-update email-notify)
- custom-objects
- custom-tag-string
- custom-url-category
- data-length
- datapath-debug
- dead-peer-detection
- decompress-layer
- decompress-layer-limit
- default
- default (antivirus fallback-options)
- default (web-filtering fallback-settings)
- default-policy
- deny
- deny (Policy)
- deny (SIP)
- description
- description (IDP Policy)
- description (Security Policies)
- destination
- destination (Destination NAT)
- destination (IP Headers in Signature Attack)
- destination-address
- destination-address (Destination NAT)
- destination-address (IDP Policy)
- destination-address (Security Policies)
- destination-address (Source NAT)
- destination-address (Static NAT)
- destination-address (Traffic Policy Services Gateway)
- destination-except
- destination-ip
- destination-ip-based
- destination-nat
- destination-port
- destination-port (Destination NAT)
- destination-port (Signature Attack)
- destination-threshold
- detect-shellcode
- detector
- df-bit
- dh-group
- direction
- direction (Custom Attack)
- direction (Dynamic Attack Group)
- disable-call-id-hiding
- distinguished-name
- dns
- download-profile
- download-profile (ftp antivirus utm-profile)
- download-profile (ftp content-filtering utm-profile)
- drop (gtp)
- dynamic
- dynamic-vpn
- dynamic-attack-group
- early-ageout
- email-notify
- enable-all-qmodules
- enable-packet-pool
- encryption
- encryption-algorithm
- endpoint-registration-timeout
- engine-not-ready
- enrollment
- establish-tunnels
- event-rate
- exception
- exception (antivirus mime-whitelist)
- exception (content-filter block-mime)
- exclude-context-values
- expression
- external-interface
- external-interface (IKE Gateway)
- external-interface (Manual Security Association)
- fallback-block
- fallback-options
- fallback-options (antivirus juniper-express-engine)
- fallback-options (antivirus kaspersky-lab-engine)
- fallback-settings
- fallback-settings (web-filtering surf-control-integrated)
- fallback-settings (web-filtering websense-redirect)
- fallback-settings (web-filtering juniper-local)
- false-positives
- family
- feature-profile
- filename-extension
- filters
- fin-no-ack
- firewall-authentication
- firewall-authentication (Policies)
- firewall-authentication (Security)
- flood
- flood (ICMP)
- flood (UDP)
- flow
- flow (IDP)
- flow (Security Flow)
- force-upgrade
- format (first use in Security Logging)
- format (second use in Security Logging)
- forwarding-options
- forwarding-process
- fragment
- from
- from-zone
- from-zone (IDP Policy)
- from-zone (Security Policies)
- ftp
- ftp (utm)
- ftp (antivirus utm-policy)
- ftp (content-filtering utm-policy)
- functional-zone
- gatekeeper
- gateway
- gateway (IKE)
- gateway (IPsec)
- gateway (Manual Security Association)
- global
- gre-in
- gre-out
- group-members
- gtp
- h323
- header-length
- hit-rate-threshold
- high-watermark
- host
- host (Security Logging)
- host-address-base
- host-inbound-traffic
- hostname
- http-profile
- http-profile (antivirus utm-policy)
- http-profile (content-filtering utm-policy)
- http-profile (web-filtering utm-policy)
- icmp
- icmp (Protocol Binding Custom Attack)
- icmp (Security Screen)
- icmp (Signature Attack)
- identification
- identification (ICMP Headers in Signature Attack)
- identification (IP Headers in Signature Attack)
- idle-time
- idp
- idp-policy
- ids-option
- ignore-mem-overflow
- ignore-regular-expression
- ike
- ike (IPsec VPN)
- ike (Security)
- ike-policy
- ike-user-type
- imap-profile
- imap-profile (antivirus utm-policy)
- imap-profile (content-filtering utm-policy)
- inactive-media-timeout
- inactive-media-timeout (MGCP)
- inactive-media-timeout (SCCP)
- inactive-media-timeout (SIP)
- include-destination-address
- inet
- inet6
- install-interval
- intelligent-prescreening
- interface
- interface (ARP Proxy)
- interface (Source NAT)
- interfaces
- interval
- interval (IDP)
- interval (IKE)
- interval (anti-virus)
- interval (kaspersky-lab-engine)
- interval (juniper-express-engine)
- ip
- ip (Protocol Binding Custom Attack)
- ip (Security Screen)
- ip (Signature Attack)
- ip-action
- ip-action (Application-Level DDoS)
- ip-block
- ip-close
- ip-flags
- ip-notify
- ips
- ipsec-policy
- ipsec-vpn
- ipsec-vpn (Flow)
- ipsec-vpn (Policies)
- ipsec-vpn (Dynamic VPNs)
- ip-sweep
- iso
- juniper-express-engine
- juniper-local
- kaspersky-lab-engine
- land
- large
- lifetime-kilobytes
- lifetime-seconds
- limit
- limit-session
- list
- list (antivirus mime-whitelist)
- list (content-filter block-mime)
- local
- local-certificate
- local-identity
- log
- log (GTP)
- log (IDP)
- log (IDP Policy)
- log (Security Policies)
- log (Security Logging)
- log-attacks
- log-errors
- log-supercede-min
- low-watermark
- management
- manual
- match
- match (Destination NAT)
- match (IDP Policy)
- match (rulebase-ddos)
- match (Security Policies)
- match (Source NAT)
- match (Static NAT)
- max-context-values
- max-flow-mem
- max-logs-operate
- max–message–length
- max-packet-mem
- max-packet-memory
- max-sessions
- max-tcp-session-packet-memory
- max-time-report
- max-timers-poll-ticks
- max-udp-session-packet-memory
- maximize-idp-sessions
- maximum-call-duration
- maximum-message-length
- mcc–mnc (gtp)
- media-source-port-any
- member
- message-flood
- message-flood (H323)
- message-flood (MGCP)
- mgcp
- mime-pattern
- mime-whitelist
- min–message–length
- mode
- mode (Forwarding-Options)
- mode (Policy)
- mode (Security Logging)
- mpls
- msrpc
- mss
- nat
- nat-keepalive
- negate
- nested-application-identification
- nested-application-system-cache
- no-allow-icmp-without-flow
- no-anti-replay
- no-enable-all-qmodules
- no-enable-packet-pool
- no-log-errors
- no-nat-traversal
- no-policy-lookup-cache
- no-reset-on-policy
- no-sequence-check
- no-syn-check
- no-syn-check-in-tunnel
- notification
- notification-options
- notification-options (antivirus juniper-express-engine)
- notification-options (antivirus kaspersky-lab-engine)
- notification-options (content-filtering)
- notify-mail-sender
- notify-mail-sender (antivirus fallback-block)
- notify-mail-sender (antivirus notification-options virus-detection)
- optimized
- option
- order
- out-of-resources
- over-limit
- overflow-pool
- packet-filter
- pair-policy
- pass-through
- password-file
- pattern
- pattern-update
- pattern-update (kaspersky-lab-engine)
- pattern-update (juniper-express-engine)
- peer-certificate-type
- perfect-forward-secrecy
- performance
- permit
- permit-command
- persistent-nat
- ping-death
- pki
- policies
- policy
- policy (IKE)
- policy (IPsec)
- policy (Security)
- policy-lookup-cache
- policy-rematch
- pool
- pool (Destination NAT)
- pool (Source NAT)
- pool-utilization-alarm
- pop3–profile
- pop3-profile (antivirus utm-policy)
- pop3-profile (content-filtering utm-policy)
- port
- port (web filtering)
- port-randomization
- port-scan
- pptp
- pre-filter-shellcode
- predefined-attack-groups
- predefined-attacks
- pre-shared-key
- process-ignore-s2c
- process-override
- process-port
- products
- profile
- profile (antispam sbl)
- profile (antivirus kaspersky-lab-engine)
- profile (antivirus juniper-express-engine)
- profile (content-filtering)
- profile (gtp)
- profile (web-filtering surf-control-integrated)
- profile (web-filtering websense-redirect)
- profile (web-filtering juniper-local)
- proposal
- proposal-set
- proposal-set (IKE)
- proposal-set (IPsec)
- proposals
- protect
- protocol
- protocol (IPsec)
- protocol (Manual Security Association)
- protocol (IP Headers in Signature Attack)
- protocol (Signature Attack)
- protocol-binding
- protocol-command
- protocol-name
- protocols
- protocols (Interface Host-Inbound Traffic)
- protocols (Zone Host-Inbound Traffic)
- proxy-arp
- proxy-identity
- raise-threshold
- rate-limit
- real
- re-assembler
- re-enroll-trigger-time-percentage
- recommended
- recommended-action
- regexp
- reject
- reject-timeout
- remote
- remote-exceptions
- remote-protected-resources
- remove-r6
- reset
- reset-on-policy
- respond-bad-spi
- retain-hold-resource
- revocation-check
- route-change-timeout
- routing-instance
- routing-instance (Destination NAT)
- routing-instance (Source NAT)
- rpc
- rsh
- rst-invalidate-session
- rst-sequence-check
- rtsp
- rule
- rule (Application-Level DDoS Rulebase)
- rule (Destination NAT)
- rule (Exempt Rulebase)
- rule (IPS Rulebase)
- rule (Source NAT)
- rule (Static NAT)
- rulebase-ddos
- rule-set
- rule-set (Destination NAT)
- rule-set (Source NAT)
- rule-set (Static NAT)
- rulebase-exempt
- rulebase-ips
- sbl
- sbl-default-server
- scan-mode
- scan-options
- scan-options (antivirus juniper-express-engine)
- scan-options (anti-virus kaspersky-lab-engine)
- sccp
- scheduler-name
- scope
- scope (Chain Attack)
- scope (Custom Attack)
- screen
- screen (Security)
- screen (Zones)
- security-package
- security-zone
- sensor-configuration
- seq-number-validated
- server
- server-connectivity
- sessions
- session-close
- session-init
- sessions-per-client
- sequence-number
- sequence-number (ICMP Headers in Signature Attack)
- sequence-number (TCP Headers in Signature Attack)
- service
- service (AppDDoS)
- service (Anomaly Attack)
- service (Dynamic Attack Group)
- service (Security IPsec)
- severity
- severity (Custom Attack)
- severity (Dynamic Attack Group)
- severity (IPS Rulebase)
- shellcode
- signature
- sip
- smtp-profile
- smtp-profile (antispam utm-policy)
- smtp-profile (antivirus utm-policy)
- smtp-profile (content-filtering utm-policy)
- sockets
- source
- source (IP Headers in Signature Attack)
- source (Source NAT)
- source-address
- source-address (Destination NAT)
- source-address (IDP Policy)
- source-address (Source NAT)
- source-address (Security Policies)
- source-except
- source-interface
- source-ip-based
- source-nat
- source-port
- source-threshold
- spam-action
- spi
- sql
- ssh-known-hosts
- ssl-inspection
- start-log
- start-time
- static
- static-nat
- strict-syn-check
- sunrpc
- suppression
- surf-control-integrated
- syn-ack-ack-proxy
- syn-fin
- syn-flood
- syn-flood-protection-mode
- syn-frag
- system-services
- system-services (Interface Host-Inbound Traffic)
- system-services (Zone Host-Inbound Traffic)
- t1-interval
- t4-interval
- talk
- target
- tcp
- tcp (Protocol Binding Custom Attack)
- tcp (Security Screen)
- tcp (Signature Attack)
- tcp-flags
- tcp-initial-timeout
- tcp-mss
- tcp-no-flag
- tcp-rst
- tcp-session
- terminal
- test
- tftp
- then
- then (Destination NAT)
- then (IDP Policy)
- then (rulebase-ddos)
- then (Security Policies)
- then (Source NAT)
- then (Static NAT)
- threshold
- time-binding
- time-binding-count
- time-binding-period statement
- timeout
- timeout (GTP)
- timeout (IDP Policy)
- timeout (Security Screen)
- timeout (utm)
- timeout (antivirus fallback-options)
- timeout (antivirus scan-options)
- timeout (antivirus trickling)
- timeout (web-filtering surf-control-integrated cache)
- timeout (web-filtering fallback-settings)
- timeout (web-filtering websense-redirect profile)
- to
- to-zone
- too-many-requests
- too-many-requests (antivirus fallback-options)
- too-many-requests (web-filtering fallback-settings)
- tos
- total-length
- traceoptions
- traceoptions (firewall-authentication)
- traceoptions (H.323 ALG)
- traceoptions (Flow)
- traceoptions (firewall-authentication)
- traceoptions (IDP)
- traceoptions (IKE)
- traceoptions (IPsec)
- traceoptions (MGCP ALG)
- traceoptions (NAT)
- traceoptions (datapath-debug)
- traceoptions (PKI)
- traceoptions (Policies)
- traceoptions (SCCP ALG)
- traceoptions (Screen)
- traceoptions (Security)
- traceoptions (SIP ALG)
- traffic-options
- transaction-timeout
- trickling
- trusted-ca
- ttl
- tunable-name
- tunable-value
- tunnel
- type
- type (ICMP Headers in Signature Attack)
- type (Dynamic Attack Group)
- type (utm)
- type (antivirus fallback-block)
- type (antivirus feature-profile)
- type (antivirus notification-options virus-detection)
- type (content-filtering notification-options)
- udp
- udp (Protocol Binding Custom Attack)
- udp (Security Screen)
- udp (Signature Attack)
- unknown-message
- unknown-message (H.323 ALG)
- unknown-message (MGCP ALG)
- unknown-message (SCCP ALG)
- unknown-message (SIP ALG)
- upload-profile
- upload-profile (ftp antivirus utm-profile)
- upload-profile (ftp content-filtering utm-profile)
- urgent-pointer
- url
- url (antivirus)
- url (kaspersky-lab-engine)
- url (juniper-express-engine)
- url-blacklist
- url-pattern
- url-whitelist
- url-whitelist (antivirus)
- url-whitelist (web-filtering)
- user
- user-at-hostname
- utm
- utm-policy
- value-hit-rate-threshold
- virus-detection
- vpn
- vpn-monitor
- vpn-monitor-options
- web-authentication
- web-redirect
- weight
- wildcard
- window-scale
- window-size
- winnuke
- xauth
- zones
- Services Hierarchy and Statements
- Services Configuration Statement Hierarchy
- address
- address (peer call server)
- analog (station-type)
- analog-template
- auth-id (peer-call-server)
- auth-id (station)
- auth-password (peer-call-server)
- auth-password (station)
- auto-attendant
- ca-profile
- caller-id (station)
- caller-id-transmit (analog template, sip template)
- call-type (policy)
- call-type (route pattern)
- cas-group
- class-of-restriction
- class-of-restriction (station)
- class-of-restriction (analog template, sip template)
- codec (peer call server)
- codec (sip template)
- comfort-noise-generation (analog template)
- description (peer call server)
- description (trunk group)
- dial-plan (media gateway)
- dial-plan (survivable call server)
- digit-manipulation
- digit-transform (rule)
- digit-transform (trunk group)
- direct-inward-dialing
- direct-inward-line
- directory
- dtmf-method (peer call server, sip template)
- extension (live-attendant)
- extension-inherit
- extension-number (voicemail)
- extension (station)
- features
- format
- from (route-policy)
- guest
- heartbeat-normal-interval
- heartbeat-survivable-interval
- hours
- infranet-controller
- interface
- interval
- live-attendant
- media-gateway
- monitor-timeout
- music-on-hold
- next hop (route policy)
- order
- password
- peer call server (definition)
- peer call server (media gateway)
- peer-proxy-server
- peer call server (route policy)
- permission
- policy
- port
- port (peer-call-server, media-gateway, survivable-call-service)
- protocol (peer-call-server, media-gateway, survivable-call-service)
- pstn-access-number
- registration-expiry-timeout
- regular-expression
- response-threshold
- ring-count
- route pattern (dial plan)
- route (route policy)
- route-policy
- server-certificate-subject
- service-point (survivable call server, media gateway)
- sip (media gateway, peer call server, survivable call server)
- sip-template (sip)
- sip-timeout
- station
- station-template
- station-type
- survivable-call-service
- tdm-interface (analog station)
- tdm-interface (direct-inward-line)
- template (analog)
- template (sip)
- term (route policy)
- then
- test-only-mode
- timeout
- timeout-action
- traceoptions
- transport (survivable-call-service, media-gateway, peer-call-server)
- trunk
- trunk-group (definition)
- trunk-group (route-pattern, route-policy)
- unified-access-control
- voice-activity-detection
- voicemail
- zone (media-gateway, survivable-call-service)
- SNMP Hierarchy and Statements
- SNMP Configuration Statement Hierarchy
- authorization
- client-list-name
- System Hierarchy and Statements
- System Configuration Statement Hierarchy
- firewall-authentication-service
- general-authentication-service
- network-security
- pki-local-certificate
- Port
- port (reverse ssh)
- port (reverse telnet)
- propagate-settings
- reverse ssh
- reverse telnet
- system-generated-certificate
- traceoptions
- traceoptions (General Authentication Service)
- traceoptions (WAN Acceleration)
- wan-acceleration
- Wlan Hierarchy and Statements
- [edit wlan] Configuration Statement Hierarchy
- access-point
- access-point-options
- access-point-queues
- arbitration-inter-frame-space
- background-queue
- beacon-interval
- best-effort-queue
- broadcast-multicast-rate-limit
- channel
- channel-management
- cluster
- cluster (access point)
- console
- country
- default-cluster
- disable-dot11d
- dot1x
- dot1x-supplicant
- dtim-period
- ethernet
- external
- fixed-multicast-rate
- fragmentation-threshold
- http-redirect
- interfaces
- mac-authentication-type
- management-vlan
- maximum-stations
- maximum-burst
- maximum-contention-window
- minimum-contention-window
- mode
- name
- name-server
- no-acknowledgement
- no-auto-power-save
- no-broadcast-ssid
- no-short-guard-interval-supported
- no-wifi-multimedia
- ntp-server
- protection
- quality-of-service
- radio
- radio-off
- radio-options
- rts-threshold
- security
- space-time-block-coding
- ssid
- static
- static-wep
- station-mac-filter
- station-queues
- transmit-opportunity-limit
- transmit-power
- transmit-rate-sets
- untagged-vlan
- video-queue
- virtual-access-point
- vlan
- voice-queue
- wpa-enterprise
- wpa-personal
- Operational Commands
- Clear Commands
- clear chassis cluster control-plane statistics
- clear chassis cluster data-plane statistics
- clear chassis cluster failover-count
- clear chassis cluster ip-monitoring failure-count
- clear chassis cluster ip-monitoring failure-count ip-address
- clear chassis cluster statistics
- clear esis adjacency
- clear esis statistics
- clear network-access requests pending
- clear gtp tunnels
- clear network-access requests statistics
- clear network-access securid-node-secret-file
- clear security alg h323 counters
- clear security alg mgcp calls
- clear security alg mgcp counters
- clear security alg sccp calls
- clear security alg sccp counters
- clear security alg sip calls
- clear security alg sip counters
- clear security datapath-debug counter
- clear security firewall-authentication history
- clear security firewall-authentication history address
- clear security firewall-authentication history identifier
- clear security firewall-authentication users
- clear security firewall-authentication users address
- clear security firewall-authentication users identifier
- clear security flow session all
- clear security flow session application
- clear security flow session destination-port
- clear security flow session destination-prefix
- clear security flow session interface
- clear security flow session protocol
- clear security flow session resource-manager
- clear security flow session session-identifier
- clear security flow session source-port
- clear security flow session source-prefix
- clear security idp
- clear security idp application-identification application-system-cache
- clear security idp attack table
- clear security idp counters application-identification
- clear security idp counters dfa
- clear security idp counters flow
- clear security idp counters ips
- clear security idp counters log
- clear security idp counters packet
- clear security idp counters policy-manager
- clear security idp counters tcp-reassembler
- clear security idp ssl-inspection session-id-cache
- clear security ike respond-bad-spi-count
- clear security ike security-associations
- clear security ipsec security-associations
- clear security ipsec statistics
- clear security nat incoming-table
- clear security nat source persistent-nat-table
- clear security pki key-pair
- clear security pki local-certificate
- clear security policies statistics
- clear security screen statistics
- clear security screen statistics interface
- clear security screen statistics zone
- clear security utm anti-spam statistics
- clear security utm antivirus statistics
- clear security utm content-filtering statistics
- clear security utm session
- clear security utm web-filtering statistics
- Request Commands
- request chassis cluster failover node
- request chassis cluster failover reset
- request modem wireless activate iota
- request modem wireless activate manual
- request modem wireless activate otasp
- request modem wireless gsm sim-unblock
- request modem wireless gsm sim-unlock
- request security datapath-debug capture start
- request security datapath-debug capture stop
- request security idp security-package download
- request security idp security-package install
- request security idp ssl-inspection key add
- request security idp ssl-inspection key delete
- request security pki ca-certificate verify
- request security pki local-certificate generate-self-signed
- request security pki local-certificate verify
- request security utm anti-virus juniper-express-engine
- request security utm anti-virus kaspersky-lab-engine
- request system license update
- request system partition compact-flash
- request system services dhcp
- request system software in-service-upgrade
- request wan-acceleration login
- request wlan access-point firmware upgrade
- request wlan access-point restart
- Restart Commands
- restart
- Show Commands
- show bgp neighbor
- show chassis cluster control-plane statistics
- show chassis cluster data-plane statistics
- show chassis cluster interfaces
- show chassis cluster ip-monitoring status redundancy-group
- show chassis cluster statistics
- show chassis cluster status
- show chassis fpc
- show chassis hardware
- show esis adjacency
- show esis interface
- show esis statistics
- show ethernet-switching mac-learning-log
- show ethernet-switching table
- show gtp tunnels
- show igmp-snooping route
- show igmp-snooping vlans
- show interfaces
- show interfaces flow-statistics
- show modem wireless interface
- show modem wireless interface firmware
- show modem wireless interface network
- show modem wireless interface rssi
- show network-access requests pending
- show network-access requests statistics
- show network-access securid-node-secret-file
- show poe controller
- show poe interface
- show poe telemetries interface
- show schedulers
- show security alg h323 counters
- show security alg mgcp calls
- show security alg mgcp counters
- show security alg mgcp endpoints
- show security alg msrpc
- show security alg sccp calls
- show security alg sccp counters
- show security alg sip calls
- show security alg sip counters
- show security alg sip rate
- show security alg sip transactions
- show security alg status
- show security datapath-debug capture
- show security datapath-debug capture
- show security datapath-debug counter
- show security dynamic-vpn client version
- show security dynamic-vpn users
- show security dynamic-vpn users terse
- show security firewall-authentication history
- show security firewall-authentication history address
- show security firewall-authentication history identifier
- show security firewall-authentication users
- show security firewall-authentication users address
- show security firewall-authentication users identifier
- show security flow gate
- show security flow ip-action
- show security flow session
- show security flow session application
- show security flow session destination-port
- show security flow session destination-prefix
- show security flow session idp application
- show security flow session idp application summary
- show security flow session interface
- show security flow session protocol
- show security flow session resource-manager
- show security flow session session-identifier
- show security flow session source-port
- show security flow session source-prefix
- show security flow session summary
- show security flow session tunnel
- show security idp active-policy
- show security idp application-ddos application
- show security idp application-identification application-system-cache
- show security idp attack table
- show security idp counters application-ddos
- show security idp counters application-identification
- show security idp counters dfa
- show security idp counters flow
- show security idp counters ips
- show security idp counters log
- show security idp counters packet
- show security idp counters policy-manager
- show security idp counters tcp-reassembler
- show security idp memory
- show security idp policies
- show security idp policy-templates
- show security idp predefined-attacks
- show security idp security-package-version
- show security idp ssl-inspection key
- show security idp ssl-inspection session-id-cache
- show security idp status
- show security idp status detail
- show security ike pre-shared-key
- show security ike security-associations
- show security ipsec next-hop-tunnels
- show security ipsec security-associations
- show security ipsec statistics
- show security monitoring fpc fpc-number
- show security nat destination pool
- show security nat destination rule
- show security nat destination summary
- show security nat incoming-table
- show security nat interface-nat-ports
- show security nat source persistent-nat-table
- show security nat source pool
- show security nat source rule
- show security nat source summary
- show security nat static rule
- show security nat static-nat summary
- show security pki ca-certificate
- show security pki certificate-request
- show security pki crl
- show security pki local-certificate
- show security policies
- show security resource-manager group active
- show security resource-manager resource active
- show security resource-manager settings
- show security screen ids-option
- show security screen statistics
- show security utm anti-spam statistics
- show security utm anti-spam status
- show security utm anti-virus statistics
- show security utm anti-virus status
- show security utm content-filtering statistics
- show security utm session
- show security utm status
- show security utm web-filtering statistics
- show security utm web-filtering status
- show security zones
- show security zones type
- show services convergence-services media-gateway channels
- show services convergence-services media-gateway connections
- show services convergence-services media-gateway log
- show services convergence-services media-gateway threads
- show services convergence-services media-gateway uptime
- show services convergence-services survivable-call-services
sessions
- show services convergence-services survivable-call-services
Output statistics
- show services unified-access-control authentication-table
- show services unified-access-control policies
- show services unified-access-control status
- show system services dhcp client
- show system services dhcp relay-statistics
- show wan-acceleration status
- show wlan access-points
- Index
- Index