一、實驗環境
Juniper vSRX 12.1
二、配置管理口步驟
2.0 console進入命令行窗口,初始化用戶root,密碼為空
2.1 配置接口IP地址
set interfaces ge-0/0/1 unit 0 family inet address 192.168.20.2/24
2.2 創建區域
set security zones security-zone trust
2.3 配置接口區域
set security zones security-zone trust interfaces ge-0/0/1.0
2.4 配置允許訪問接口的哪些服務
set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services ping set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services ssh set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services http set security zones security-zone trust interfaces ge-0/0/1.0 host-inbound-traffic system-services https
commit
2.5 查看接口信息
show interfaces ge-0/0/1.0
2.6 配置HTTP登陸
set system services web-management http interface ge-0/0/1.0
2.7 配置https登陸
set system services web-management https system-generated-certificate
set system services web-management https interface ge-0/0/1.0
2.8 配置ssh登陸
set system services ssh
2.9 登陸web界面
三、常見問題
3.1 如果commit出現 error:commit failed: (missing statements)
解決方法:需要設置管理員密碼
set system root-authentication plain-text-password
commit
3.2 如果登陸http頁面,url自動跳轉到http://管理地址/servererror.php?code=401,顯示該網頁無法正常運作
解決方法:http登陸方式未開啟
set system services web-management http interface ge-0/0/1.0