Security – Device – SRX (Junos Juniper) note

1/ Configuration management:

  • Khi cấu hình cho thiết bị ở xa, sử dung #commit confirm để thiết bị tự động rollback lại sau 10 phút, nếu không có lệnh commit (ngăn ngừa trường hợp thiết bị bị mất kết nối khi apply cấu hình mơi
  • Sử dung > Rollback? đề xem các cấu hình cũ (có thời gian)
  • > show configuration | display set — xem cấu hình dưới dạng lệnh set để lúc cắt dán dễ hơn

2/ Troubleshooting:

Command Description
show version Software version
show chassis hardware detail
Hardware and Serial numbers
show chassis environment Temperatures, Fan and Power Supply
show chassis routing-engine Temperatures, Memory, CPU Load
show interfaces terse Interface States
show interfaces extensive Interface and Zone Counters
monitor interface Real-time interface statistics
show security flow session Current sessions
show system alarms
show chassis alarms
show log
List all Logfiles available
show log messages
Show Log File from beginning
show log messages | last
List last Log Messages
show log messages | match LOGIN
Search within the Log
monitor start <file>
Send Logs to terminal (like tail -f)


junos flow

The trace configuration is:
> set security flow traceoptions file DebugTraffic // DebugTraffic: any name
> set security flow traceoptions flag basic-datapath
//basic-datapath: any name

(> monitor / show log DebugTraffic, basic-datapath …)

3/ Data collection (log, configuration, statistic etc.)

Request support info
  1. Enter: request support information | save /var/log/rsi1.log
  2. Once step #1 completes, wait enough time to ensure that the condition you wish to address continues/appears before proceeding to the next step.
  3. Enter: request support information | save /var/log/rsi2.log




