Step1. Configure EXPORTER MAP set services flow-monitoring version9 template NETFLOW_MONITOR template-refresh-rate seconds 15 set services flow-monitoring version9 template NETFLOW_MONITOR option-refresh-rate seconds 15 set services flow-monitoring version9 template NETFLOW_MONITOR ipv4-template Step2. Configure MONITOR MAP set forwarding-options sampling instance NETFLOW_INSTANCE family inet output flow-server 192.168.30.100 port 9991 set forwarding-options sampling instance NETFLOW_INSTANCE family inet output flow-server 192.168.30.100 source-address 192.168.1.100 set forwarding-options sampling instance NETFLOW_INSTANCE family inet output flow-server 192.168.30.100 version9 template NETFLOW_MONITOR set forwarding-options sampling instance NETFLOW_INSTANCE family inet output inline-jflow source-address…
Tag: <span>Juniper</span>
Here’s sample firewall configuration in protecting the box and its services. ICMP: ICMP message types are essential for network administration and troubleshooting. There are quite a number of ICMP parameters, you can refer to IANA ICMP Parameters for the list or if you want to learn more details about ICMP can refer to RFC792. Here’s the 4 types I consider useful for troubleshooting and need to be allowed.Type 0 — Echo Reply –> response from target to host Type 8 — Echo Request–>…
Objective: To configure port-channel and associate it to vlan. Servers will use Juniper-Router as their gateway and uplink to Internet. Server-switch have Layer 2 (access mode) connectivity to Juniper-Router. (see Fig.1) Fig.1 1. Configure the Vlan (interface vlan will be the server’s gateway) Juniper-Router# configure set vlans VLAN-8 description Server-Farm set vlans VLAN-8 vlan-id 8 set vlans VLAN-8 l3-interface irb.8 set interfaces irb unit 8 description “Server Farm Vlan” set interfaces irb unit 8 family inet address 192.168.8.1/24 2. Configure…
Here is sample SNMPv2 and SNMPv3 configuration in Juniper routers. It also detailed on configuring SNMP trap for your Network Monitoring System(NMS). SNMPv2c community: snmpcomm123 management IP address: 192.168.10.100 SNMP Polling Server: 192.168.20.199 SNMP Trap Server: 192.168.20.200 Configuration: set snmp name JUNIPER-SNMP set snmp description “Juniper SNMP” set snmp location Datacentre set snmp community snmp routing-instance mgmt_junos set snmp community snmpcomm123 clients 192.168.10.100/32 Traps Configuration: set snmp trap-options source-address 192.168.10.100 set snmp trap-options agent-address outgoing-interface set snmp trap-group SNMPGROUP version…
One of the best security practices in networking is separation of management traffic and data/control traffic. One way to achieve this is to use the management ports of Juniper devices to physically connect it preferably to different network. The management Ethernet interface is usually em0 or fxp0 in Juniper, and provides out-of-band(OOB)management network of the device. Assuming UTP cables are already connected to both management ports of both routing engine (RE) of the Juniper devices, here are the steps to…
One Comment