This video shows you how to import a Juniper version 17.3 vSRX appliance into GNS3. Based on the feedback I have received about my previous videos, I am now showing you how to import and configure the latest version of the Juniper vSRX appliance.

Steps
=====
Note for LAN I have used 10.1.1.254/24

************************
Set Password and save
Login with root and no password
cli
edit
set system root-authentication plain-text-password
commit
exit

************************
Housekeeping
set system host-name GNS3_VSRX1
set system name-server 8.8.8.8
set system name-server 8.8.4.4
set system domain-name gns3.com
set system services ssh

************************

Set IP’s as required and at this stage make sure have LAN address on ge-0/0/0.0 you can ping from LAN host
Set WAN as DHCP and verify address and route.

set interfaces ge-0/0/1 unit 0 family inet address 10.1.1.254/24
set interfaces ge-0/0/0 unit 0 family inet dhcp-client

run show interfaces terse

Do NOT proceed until you have a valid WAN IP and default route so you can ping out to Internet

************************
set security zones security-zone trust interfaces ge-0/0/1.0
set security zones security-zone untrust interfaces ge-0/0/0.0

set security nat source rule-set trust-to-untrust from zone trust
set security nat source rule-set trust-to-untrust to zone untrust

set security nat source rule-set trust-to-untrust rule source-nat-rule match source-address 0.0.0.0/0
set security nat source rule-set trust-to-untrust rule source-nat-rule match destination-address 0.0.0.0/0

set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface

************************
Misc enable SSH and HTTPS (from LAN)

set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services ping
set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services ssh
set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services http
set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services https

Misc enable SSH and HTTPS (from WAN)

set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services http
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services https
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services ssh
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services telnet
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services dhcp

set system services web-management http interface ge-0/0/0.0
set system services web-management http interface ge-0/0/1.0
set system services web-management https system-generated-certificate

************************