- play_arrow vSRX Virtual Firewall Deployment for KVM
- play_arrow Overview
- play_arrow Install vSRX Virtual Firewall in KVM
- Prepare Your Server for vSRX Virtual Firewall Installation
- Install vSRX Virtual Firewall with KVM
- Example: Install and Launch vSRX Virtual Firewall on Ubuntu
- Load an Initial Configuration on a vSRX Virtual Firewall with KVM
- Use Cloud-Init in an OpenStack Environment to Automate the Initialization of vSRX Virtual Firewall Instances
- play_arrow vSRX Virtual Firewall VM Management with KVM
- Configure vSRX Virtual Firewall Using the CLI
- Connect to the vSRX Virtual Firewall Management Console on KVM
- Add a Virtual Network to a vSRX Virtual Firewall VM with KVM
- Add a Virtio Virtual Interface to a vSRX Virtual Firewall VM with KVM
- SR-IOV and PCI
- Upgrade a Multi-core vSRX Virtual Firewall
- Monitor the vSRX Virtual Firewall VM in KVM
- Manage the vSRX Virtual Firewall Instance on KVM
- Recover the Root Password for vSRX Virtual Firewall in a KVM Environment
- play_arrow Configure vSRX Virtual Firewall Chassis Clusters on KVM
-
- play_arrow vSRX Virtual Firewall Deployment for Microsoft Hyper-V
- play_arrow Overview
- play_arrow Install vSRX Virtual Firewall in Microsoft Hyper-V
- play_arrow vSRX Virtual Firewall VM Management with Microsoft Hyper-V
- play_arrow Configure vSRX Virtual Firewall Chassis Clusters
-
- play_arrow vSRX Virtual Firewall Deployment for Contrail
- play_arrow Overview of vSRX Virtual Firewall Service Chains in Contrail
- play_arrow Install vSRX Virtual Firewall in Contrail
- play_arrow vSRX Virtual Firewall VM Management with Contrail
-
- play_arrow vSRX Virtual Firewall Deployment for Nutanix
- play_arrow Overview
- play_arrow Install vSRX Virtual Firewall in Nutanix
-
- play_arrow vSRX Virtual Firewall Deployment for AWS
- play_arrow Overview
- play_arrow Configure and Manage Virtual Firewall in AWS
- Configure an Amazon Virtual Private Cloud for vSRX Virtual Firewall
- Launch a vSRX Virtual Firewall Instance on an Amazon Virtual Private Cloud
- Enroll a vSRX Virtual Firewall on AWS with Juniper ATP Cloud
- Using Cloud-Init to Automate the Initialization of vSRX Virtual Firewall Instances in AWS
- AWS Elastic Load Balancing and Elastic Network Adapter
- Multi-Core Scaling Support on AWS with SWRSS and ENA
- Centralized Monitoring and Troubleshooting using AWS Features
- Deploying vSRX Virtual Firewall 3.0 for Securing Data using AWS KMS
- Configure vSRX Virtual Firewall Using the CLI
- Configure vSRX Virtual Firewall Using the J-Web Interface
- Upgrade Junos OS Software on a vSRX Virtual Firewall Instance
- Remove a vSRX Virtual Firewall Instance on AWS
- Geneve Flow Infrastructure on vSRX Virtual Firewall 3.0
- AWS Gateway Load Balancing with Geneve
- play_arrow Virtual Firewall in AWS Use Cases
-
- play_arrow vSRX Virtual Firewall Deployment for Microsoft Azure
- play_arrow Overview
- play_arrow Deploy vSRX Virtual Firewall from the Azure Portal
- play_arrow Deploy vSRX Virtual Firewall from the Azure CLI
- play_arrow Configure and Manage vSRX Virtual Firewall for Microsoft Azure
- play_arrow Configure Azure Features on vSRX Virtual Firewall and Use Cases
- Deployment of Microsoft Azure Hardware Security Module on vSRX Virtual Firewall 3.0
- Example: Configure an IPsec VPN Between Two vSRX Virtual Firewall Instances
- Example: Configure an IPsec VPN Between a vSRX Virtual Firewall and Virtual Network Gateway in Microsoft Azure
- Example: Configure Juniper ATP Cloud for vSRX Virtual Firewall
-
- play_arrow vSRX Virtual Firewall Deployment for Google Cloud Platform
- play_arrow Overview
- play_arrow Install vSRX Virtual Firewall in Google Cloud
-
- play_arrow vSRX Virtual Firewall Deployment for IBM Cloud
- play_arrow Overview
- play_arrow Installing and Configuring vSRX Virtual Firewall in IBM
- Performing vSRX Virtual Firewall Basics in IBM Cloud
- vSRX Virtual Firewall Readiness Checks in IBM Cloud
- Managing VLANs with a gateway appliance
- Working with the vSRX Virtual Firewall Default Configurations
- Migrating Legacy Configurations to the Current vSRX Virtual Firewall Architecture
- Allowing SSH and Ping to a Public Subnet
- Performing vSRX Virtual Firewall Advanced Tasks in IBM Cloud
- Upgrading the vSRX Virtual Firewall in IBM Cloud
- play_arrow Managing vSRX Virtual Firewall in IBM Cloud
- play_arrow Monitoring and Troubleshooting
-
- play_arrow vSRX Virtual Firewall Deployment for OCI
- play_arrow Overview
- play_arrow Installing vSRX Virtual Firewall in OCI
- play_arrow vSRX Virtual Firewall Licensing
-
Load an Initial Configuration on a vSRX Virtual Firewall with VMware
Starting in Junos OS Release 15.1X49-D40 and Junos OS Release 17.3R1, you can use a mounted ISO image to pass the initial startup Junos OS configuration to a vSRX Virtual Firewall VM. This ISO image contains a file in the root directory called juniper.conf. The configuration file uses curly brackets ({) and indentation to display the hierarchical structure of the configuration. Terminating or leaf statements in the configuration hierarchy are displayed with a trailing semicolon (;) to define configuration details, such as root password, management IP address, default gateway, and other configuration statements. Also, vSRX Virtual Firewall reads the configuration file from the mounted ISO only when it boots up for the first time and does not read after the first boot.
The juniper.conf file must be in the format same as displayed using show
configuration
command and it cannot be in set
command
format.
The process to bootstrap a vSRX Virtual Firewall VM with an ISO configuration image is as follows:
SNMPv3 configuration is not supported when provisioning the vSRX Virtual Firewall platforms with an ISO bootstrap image.
Create the juniper.conf configuration file with your Junos OS configuration.
An example of a juniper.conf file follows.
content_copy zoom_out_mapsystem { host-name iso-mount-test; root-authentication { encrypted-password "$5$wCXP/Ma4$aqMJBhy82.wI643ijb73yHKKl9TXApPycGKKn.PjpA8"; ## SECRET-DATA } login { user regress { uid 2001; class super-user; authentication { encrypted-password "$6$FGJM2YEb$KTGIehvNt9Mf.u3ESWGB1aSQeXrSeg6zoCWZw0D6M6vnmWb8DAWsprNXyKZeW6M3kErFFTFtAuNpGjDjfwX4t."; ## SECRET-DATA } } } services { ssh { root-login allow; } telnet; web-management { http { interface fxp0.0; } } } syslog { user * { any emergency; } file messages { any any; authorization info; } file interactive-commands { interactive-commands any; } } license { autoupdate { url https://ae1.juniper.net/junos/key_retrieval; } } } security { forwarding-options { family { inet6 { mode flow-based; } } } policies { default-policy { permit-all; } } zones { security-zone AAA { interfaces { all; } } } } interfaces { ge-0/0/0 { vlan-tagging; unit 0 { vlan-id 77; family inet { address 10.1.1.0/24 { arp 10.1.1.10 mac 00:10:12:34:12:34; } } } } ge-0/0/1 { vlan-tagging; unit 0 { vlan-id 1177; family inet { address 10.1.1.1/24 { arp 10.1.1.10 mac 00:10:22:34:22:34; } } } } fxp0 { unit 0 { family inet { address 192.168.70.9/19; } } } } routing-options { static { route 0.0.0.0/0 next-hop 192.168.64.1; } }
Create an ISO image that includes the juniper.conf file.
Mount the ISO image to the vSRX Virtual Firewall VM.
Boot or reboot the vSRX Virtual Firewall VM. vSRX Virtual Firewall will boot using the juniper.conf file included in the mounted ISO image.
Unmount the ISO image from the vSRX Virtual Firewall VM. To unmount the ISO image see Dismount ISO Image from VM.
If you do not unmount the ISO image after the initial boot or reboot, all subsequent configuration changes to the vSRX Virtual Firewall are overwritten by the ISO image on the next reboot.
Create a vSRX Virtual Firewall Bootstrap ISO Image
This task uses a Linux system to create the ISO image.
To create a vSRX Virtual Firewall bootstrap ISO image:
See Also
Upload an ISO Image to a VMWare Datastore
To upload an ISO image to a datastore:
- On the VMware vSphere Web Client, select the datastore you want to upload the file to.
- Select the folder where you want to store the file and click Upload a File from the task bar.
- Browse to the file on your local computer and click Upload.
Optionally, refresh the datastore to see the new file.
Provision vSRX Virtual Firewall with an ISO Bootstrap Image on VMWare
To provision a vSRX Virtual Firewall VM with an ISO bootstrap image:
- From VMware vSphere client, select the host server where the vSRX Virtual Firewall VM resides.
- Right-click the vSRX Virtual Firewall VM and select Edit Settings. The Edit Setting dialogue box appears.
- Select the Hardware tab and click Add. The Add Hardware dialog box opens.
- Select the CD/DVD drive and click Next.
- Select Use ISO image and click Next.
- Click Datastore ISO File, browse to your boostrap ISO image, and click Next.
- Click Next and Finish to save this setting.
- Click OK to save this CD drive to the VM.
- Right-click the vSRX Virtual Firewall VM and select Power>Power On to boot the vSRX Virtual Firewall VM.
- After the vSRX Virtual Firewall boots, verify the configuration and then select Power> Power down to shut down the vSRX Virtual Firewall so you can remove the ISO image.
- Select the CD/DVD drive from the Hardware tab in the VMWare vSphere client.
- Select the CD drive for the ISO file and click Remove to remove your boostrap ISO image.
- Click OK to save this setting.
- Right-click the vSRX Virtual Firewall VM and select Power>Power On to boot the vSRX Virtual Firewall VM.
Change History Table
Feature support is determined by the platform and release you are using. Use Feature Explorer to determine if a feature is supported on your platform.