Juniper 주니퍼 Netscreen NS-025-005 VPN/VPN/Firewall 초기화 예제 및 번역
2009.10.26 09:55 | Juniper Networks | 김광호http://kr.blog.yahoo.com/kgh57150/2461
출처: 야후계정이 없어서 댓글을 못 달았습니다.
문제 발생시 메일이나 댓글을 주시면 삭제하겠습니다.
주 니퍼 네트웍스 주니퍼 네트웍스, 넷스크린 - 보안 관리자가 시스템을 사용하기 쉬운 중앙 집중식 관리 솔루션과 함께 사용하는 부서를 제공함으로써 네트워크 및 보안 관리에 대한 새로운 접근 방법을 필요는 주니퍼 네트웍스의 방화벽의 모든 측면을 제어 /은 IPSec VPN 및 IDP는 장치의 구성을 포함한 제품 네트워크 설정 및 보안 정책. 단일 장치, 넷스크린 - 보안 관리자를 제어하는 여러 관리 도구를 사용하여 필요로하는 일부 솔루션과 달리 IT 부서를 단일 중앙 집중식 솔루션의 전체 라이프 사이클 장치를 제어할 수있습니다. 를 사용하여 넷스크린 - 보안 관리자 시스템, 장치 기술자, 네트워크 관리자, 보안 관리자가 같이 관리 효율 및 보안, 오버헤드 감소를 개선하고, 더 낮은 운영 비용을 사용할 수있습니다.
넷스크린 - 보안 관리자가 시스템에 주니퍼 네트웍스의 통계 보고서 서버를 관리하는 방화벽에서 통계 정보를 저장하기위한 옵션 모듈 / 네트워크에서 IPSec VPN 장치, 그리고이 데이터로부터 생성하는 보고서에 대한 추가보고에 대한 정보를 분석함으로써 사용 보안 배포. 통계에 따르면, 웹 인터페이스에서, 고객의 40 보고서를 선택하여 볼 수 있으며 네트워크 트래픽, 장치 및 VPN, 통계, 시스템 자원 분석, 및 기타 행정 정보를 선택할 수있습니다. 또한 사용자 정의할 수있습니다 손님은 일반적으로 사용되는 리포트를위한 템플릿 및 예약에 따라 정기적 이러한 생성합니다.
Juniper Networks NetScreen-Security Manager system takes a new approach to network and security management by providing IT departments with an easy-to-use centralized management solution that controls all aspects of the Juniper Networks Firewall / IPSec VPN and IDP products including device configuration, network settings, and security policy. Unlike some solutions that require the use of multiple management tools to control a single device, NetScreen-Security Manager enables IT departments to control the entire device life cycle with a single, centralized solution. Using the NetScreen-Security Manager system, device technicians, network administrators, and security administrators can work together to improve management efficiency and security, reduce overhead, and lower operating costs.
The NetScreen-Security Manager system uses Juniper Networks Statistical Report Server, an optional module for storing statistical information from the managed firewall / IPSec VPN devices in the network, and for generating reports from this data, enabling further viewing and analysis of the information about a security deployment. From the Statistical Report Web Interface, customers can choose from a selection of over 40 reports to view and analyze network traffic, device and VPN statistics, system resources, and other administrative information. Customers can also customize templates for commonly used reports, and generate these on a regularly scheduled basis.
*** 부팅 자료 ***
Ignore image authentication!
Start loading...
.........................................................................................................
Done.
Juniper Networks, Inc
Copyright, 1997-2006
Version 5.4.0r8.0
Load Manufacture Information ... Done
Load NVRAM Information ... (5.4.0)Done
Install module init vectors
Verify ACL register default value (at hw reset) ... Done
Verify ACL register read/write ... Done
Verify ACL rule read/write ... Done
Verify ACL rule search ... Done
MD5("a") = 0cc175b9 c0f1b6a8 31c399e2 69772661
MD5("abc") = 90015098 3cd24fb0 d6963f7d 28e17f72
MD5("message digest") = f96b697d 7cb7938d 525a2f31 aaf161d0
Verify DES register read/write ... Done
Install modules (00e40000,01a7c9b4) ...
load dns table : dns table file does not exist.
Initializing DI 1.1.0-ns
System config (4284 bytes) loaded
.
Done.
Load System Configuration .........................................................................................................................................................................................................................................................................................................................................................................................................................................Done
system init done..
login: 0096082006000909 <---- 본체의 시리얼 번호를 입력
password: <---- 본체의 시리얼 번호를 입력
!!! Lost Password Reset !!! You have initiated a command to reset the device to factory defaults, clearing all current configuration and settings. Would you like to continue? y/[n] y
!! Reconfirm Lost Password Reset !! If you continue, the entire configuration of the device will be erased. In addition, a permanent counter will be incremented to signify that this device has been reset. This is your last chance to cancel this command. If you proceed, the device will return to factory default configuration, which is: System IP: 192.168.1.1; username: netscreen, password: netscreen. Would you like to continue? y/[n] y
In reset ...
?
NetScreen NS-25/50 Boot Loader Version 3.0.0 (Checksum: D1C6421F)
Copyright (c) 1997-2003 NetScreen Technologies, Inc.
Total physical memory: 128MB
Test - Pass
Initialization - Done
Model Number: NS-25
Hit any key to run loader
Hit any key to run loader
Hit any key to run loader
Hit any key to run loader
Loading default system image from on-board flash disk...
Ignore image authentication!
Start loading...
.........................................................................................................
Done.
Juniper Networks, Inc
Copyright, 1997-2006
Version 5.4.0r8.0
Load Manufacture Information ... Done
Load NVRAM Information ... (5.4.0)Done
Install module init vectors
Verify ACL register default value (at hw reset) ... Done
Verify ACL register read/write ... Done
Verify ACL rule read/write ... Done
Verify ACL rule search ... Done
MD5("a") = 0cc175b9 c0f1b6a8 31c399e2 69772661
MD5("abc") = 90015098 3cd24fb0 d6963f7d 28e17f72
MD5("message digest") = f96b697d 7cb7938d 525a2f31 aaf161d0
Verify DES register read/write ... Done
Install modules (00e40000,01a7c9b4) ...
load dns table : dns table file does not exist.
Initializing DI 1.1.0-ns
*********************************************************
System time:
If this is the initial device startup,
use the "set clock" command to set the system clock.
*********************************************************
system init done..
login: netscreen <---- 초기화후 기본 패스워드
password: netscreen <---- 초기화후 기본 패스워드
ns25-> get system <---- 시스템 상태를 보여주는 명령어
Product Name: NetScreen-25
Serial Number: , Control Number: 00000000
Hardware Version: 4010(0)-(00), FPGA checksum: 00000000, VLAN1 IP (0.0.0.0)
Software Version: 5.4.0r8.0, Type: Firewall+VPN
Compiled by build_master at: Thu Nov 15 16:51:45 PST 2007
Base Mac:
File Name: ns50ns25.5.4.0r8.0, Checksum: 2252f3a0
Date 10/26/2009 10:44:58, Daylight Saving Time enabled
The Network Time Protocol is Disabled
Up 0 hours 4 minutes 19 seconds Since 26Oct2009:10:40:39
Total Device Resets: 1, Last Device Reset at: 10/26/2009 10:39:35
System in NAT/route mode.
Use interface IP, Config Port: 80
User Name: netscreen
Interface ethernet1:
description ethernet1
number 0, if_info 0, if_index 0, mode nat
link down, phy-link down
vsys Root, zone Trust, vr trust-vr
dhcp client disabled
PPPoE disabled
admin mtu 0, operating mtu 1500, default mtu 1500
*ip 192.168.1.1/24 mac
*manage ip 192.168.1.1, mac
route-deny disable
bandwidth: physical 0kbps, configured egress [gbw 0kbps mbw 0kbps]
configured ingress mbw 0kbps, current bw 0kbps
total allocated gbw 0kbps
Interface ethernet2:
description ethernet2
number 5, if_info 1040, if_index 0, mode nat
link down, phy-link down
vsys Root, zone DMZ, vr trust-vr
dhcp client disabled
PPPoE disabled
admin mtu 0, operating mtu 1500, default mtu 1500
*ip 0.0.0.0/0 mac
*manage ip 0.0.0.0, mac
bandwidth: physical 0kbps, configured egress [gbw 0kbps mbw 0kbps]
configured ingress mbw 0kbps, current bw 0kbps
total allocated gbw 0kbps
Interface ethernet3:
description ethernet3
number 6, if_info 1248, if_index 0, mode route
link down, phy-link down
vsys Root, zone Untrust, vr trust-vr
dhcp client disabled
PPPoE disabled
admin mtu 0, operating mtu 1500, default mtu 1500
*ip 0.0.0.0/0 mac
*manage ip 0.0.0.0, mac
bandwidth: physical 0kbps, configured egress [gbw 0kbps mbw 0kbps]
configured ingress mbw 0kbps, current bw 0kbps
total allocated gbw 0kbps
Interface ethernet4:
description ethernet4
number 7, if_info 1456, if_index 0
link down, phy-link down
vsys Root, zone Null, vr untrust-vr
admin mtu 0, operating mtu 1500, default mtu 1500
*ip 0.0.0.0/0 mac
bandwidth: physical 0kbps, configured egress [gbw 0kbps mbw 0kbps]
configured ingress mbw 0kbps, current bw 0kbps
total allocated gbw 0kbps
ns25-> ? <---- HELP와 같은 명령어
clear clear dynamic system info
delete delete persistent info in flash
exec exec system commands
exit exit command console
get get system information
mtrace multicast traceroute from source to destination
ping ping other host
reset reset system
save save command
set configure system parameters
trace-route trace route
unset unconfigure system parameters
ns25->
** Home Page ** http://blog.empas.com/kgh57150/ 하드웨어뱅크 or (주)누리인프라
(주) 누리인프라
www.hardwarebank.net
www.hwbank.co.kr
sales@hwbank.co.kr
** site **
http://kr.blog.yahoo.com/kgh57150
http://blog.paran.com/hardwarebank
http://club.paran.com/club/home.do?clubid=hardwarebank
http://blog.danawa.com/hardwarebank
http://blog.daum.net/hardwarebank/?_top_blogtop=go2myblog
http://cafe.daum.net/hardwarebank
http://blog.naver.com/kkh57150
http://cafe.naver.com/hardwarebank.cafe
yahoo gugi(야후 거기)
http://kr.gugi.yahoo.com/detail/detailInfo/DetailInfoAction.php?cid=2633928447&p=%C7%CF%B5%E5%BF%FE%BE%EE%B9%F0%C5%A9
http://www.reviewist.co.kr/review/list.php?rg_id=1&rc_id=1