support@davidbombal.com

This video shows you how to import a Juniper version 17.3 vSRX appliance into GNS3. Based on the feedback I have received about my previous videos, I am now showing you how to import and configure the latest version of the Juniper vSRX appliance.

Steps
=====
Note for LAN I have used 10.1.1.254/24

************************
Set Password and save
Login with root and no password
cli
edit
set system root-authentication plain-text-password
commit
exit

************************
Housekeeping
set system host-name GNS3_VSRX1
set system name-server 8.8.8.8
set system name-server 8.8.4.4
set system domain-name gns3.com
set system services ssh

************************

Set IP’s as required and at this stage make sure have LAN address on ge-0/0/0.0 you can ping from LAN host
Set WAN as DHCP and verify address and route.

set interfaces ge-0/0/1 unit 0 family inet address 10.1.1.254/24
set interfaces ge-0/0/0 unit 0 family inet dhcp-client

run show interfaces terse

Do NOT proceed until you have a valid WAN IP and default route so you can ping out to Internet

************************
set security zones security-zone trust interfaces ge-0/0/1.0
set security zones security-zone untrust interfaces ge-0/0/0.0

set security nat source rule-set trust-to-untrust from zone trust
set security nat source rule-set trust-to-untrust to zone untrust

set security nat source rule-set trust-to-untrust rule source-nat-rule match source-address 0.0.0.0/0
set security nat source rule-set trust-to-untrust rule source-nat-rule match destination-address 0.0.0.0/0

set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface

************************
Misc enable SSH and HTTPS (from LAN)

set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services ping
set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services ssh
set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services http
set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services https

Misc enable SSH and HTTPS (from WAN)

set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services http
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services https
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services ssh
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services telnet
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services dhcp

set system services web-management http interface ge-0/0/0.0
set system services web-management http interface ge-0/0/1.0
set system services web-management https system-generated-certificate

************************

subscribe
  • David Bombal

Search

Categories

Recent Posts

The best Hacking Courses & Certs (not all these)? Your roadmap to Pentester success.
Free Lab to Train your Own AI (ft Dr Mike Pound – Computerphile)
Pass or Fail? Which is the best?
Will ChatGPT take our jobs?

Will ChatGPT take our jobs?

Future of WiFi?

Future of WiFi?

9 seconds to break a WiFi network using Cloud GPUs
Roadmap to ChatGPT and AI mastery
Hide secret files in music and photos (just like Mr Robot)
She hacked a billionaire, a bank and you could be next. Do this now to protect yourself!
Stop making these mistakes on your resume and interview
2023 Network Engineer path to success: CCNA?
2023 Path to Master Programmer (for free)
Best Programming Language Ever? (Free Course)
What are you going to do in 2023? Tops 5 skills to get!
2023 Path to Master Hacker

2023 Path to Master Hacker

I challenged ChatGPT to code and hack (Are we doomed?)
Free Exploit Development Training (beginner and advanced)
Python Brute Force Password hacking (Kali Linux SSH)
Top Cybersecurity job interview tips (2023 edition)
Hack your grades

Hack your grades