06 Juni

Juniper SRX – Getting Started

Reference: KB15694

Logging In for the First Time

After installing the SRX Series device, log in as the root user. There is initially no password for the root user. After you initially log in as root, the shell prompt (%) appears. Enter cli at the prompt to start the CLI and enter operational mode. The operational mode prompt is the right angle bracket (>).

To log in for the first time:

  1. At the login prompt, log in as root.
      SRX240 (ttyd0)
      login: root
      ** Welcome to JUNOS:                                              **
      **                                                                **
      **     To run the console configuration wizard, please run the    **
      **     command 'config-wizard' at the 'root%' prompt.             **
      **                                                                **
      **     To enter the JUNOS CLI, please run the command 'cli'.      **
      **                                                                **
  2. At the shell prompt, enter cli.
      [email protected]% cli

    The CLI is started in operational mode.


There is initially no password for the root user, it is required that you set a password for the root user so that you can log in as superuser and gain root-level access to the device and commit the configuration changes that you make. If the root password is not set, you will not be able to commit any configurations. For more information, see Configuring the Root Password.

Edit Your Configuration

Enter configuration mode.

When you first log into the device, the device is in operational mode. You must explicitly enter configuration mode. When you do, the CLI prompt changes from [email protected]> to [email protected]# and the hierarchy level appears in square brackets.

[email protected]> configure
[email protected]#

Create a statement hierarchy.

You can use the edit command to simultaneously create a hierarchy and move to that new level in the hierarchy. You cannot use the edit command to change the value of identifiers.

[email protected]# edit security zones security-zone myzone
[edit security zones security-zone myzone]
[email protected]#

Create a statement hierarchy and set identifier values.

The set command is similar to edit except that your current level in the hierarchy does not change.

[email protected]# set security zones security-zone myzone
[email protected]#

Navigate the Hierarchy

Navigate down to an existing hierarchy level.

[email protected]# edit security zones
[edit security zones]
[email protected]#

Navigate up one level in the hierarchy.

[edit security zones]
[email protected]# up
[edit security]
[email protected]#

Navigate to the top of the hierarchy.

[edit security zones]
[email protected]# top
[email protected]#

Commit or Revert Changes

Commit your configuration.

[email protected]# commit
commit complete

Roll back changes from the current session.

Use the rollback command to revert all changes from the current configuration session. When you run the rollback command before exiting your session or committing changes, the software loads the most recently committed configuration onto the device. You must enter the rollback statement at the edit level in the hierarchy.

[email protected]# rollback
load complete

Exit Configuration Mode

Commit the configuration and exit configuration mode.

[email protected]# commit and-quit
[email protected]>

Exit configuration mode without committing your configuration.

You must navigate to the top of the hierarchy using the up or top commands before you can exit configuration mode.

[email protected]# exit
The configuration has been changed but not committed
Exit with uncommitted changes? [yes,no] (yes)

Get Help

Display a list of valid options for the current hierarchy level.

[edit ]
[email protected]host# edit security zones ?
Possible completions: <[Enter]>
Execute this command > functional-zone
Functional zone > security-zone
Security zones | Pipe through a command [edit]

Configuring the Name of the Router, IP Address, and System ID

The following example shows how to configure the router’s name, map the name to an IP address and alias, and configure a system identifier:

[email protected]# set system host-name srx240-firewall
[email protected]# set system static-host-mapping srx240-firewall inet
[email protected]# set system static-host-mapping srx240-firewall alias firewall
[email protected]# set system static-host-mapping srx240-firewall sysid 1921.6800.1077
[email protected]# show
system {
    host-name router-sj1;
    static-host-mapping {
        router-sj1 {
            alias sj1;
            sysid 1921.6800.1077;

Di Terbitkan Oleh Winston Sahusilawane Pada Rubrik Juniper : 06 Juni, 2011 |