Home > Cisco, FreeBSD, Juniper, SRX210 > Juniper Junos SRX SRX100 SRX210 SRX240 cheat sheet cheat code cheat book cheat list

Juniper Junos SRX SRX100 SRX210 SRX240 cheat sheet cheat code cheat book cheat list

Cheat Sheet for the CLI Commands – Baseline Operations Guide

How to connect?

[sun@example ~]$ ssh root@192.168.1.1
root@192.168.1.1's password:
--- JUNOS 10.0R3.10 built 2010-04-16 08:47:35 UTC
root@srx210%
Juniper has Unix? (FreeBSD/CentOS fashion), play it 
root@srx210>exit
root@srx210% uname -a
JUNOS srx210 10.0R3.10 JUNOS 10.0R3.10 #0: 2010-04-16 08:47:35 UTC     
builder@ormonth.juniper.net:/volume/build/junos/10.0/release/10.0R3.10/obj-octeon/bsd/sys/compile/JSRXNLE
 mips
root@srx210% ifconfig -a | grep fe-0/0/2
fe-0/0/2:       encaps: ether; framing: ether
fe-0/0/2.0:     flags=0x8000 <UP|MULTICAST>
root@srx210%

How the network language concept works? See follow tree:

parent {

parent_child1 {   parent_grand_children { }           }

parent_child2 {   parent_grand_children { }           }

}

Crack it: set parent parent_child1 parent_grand_children XYZ [press tab] [finally press enter]

How to reset or recover the passwrod:

1. boot 2. press s  OR try to press once the reset button for couple of longer seconds until the led shows red.

How to save my settings as backup?

$ save backup1.txt
$ load override backup1.txt
OR

rollback 4

How can i monitor traffic real time?

$ monitor traffic matches “host 192.168.1.1″

OR

root@srx210> monitor traffic interface ge-0/0/0
verbose output suppressed, use <detail> or <extensive> for full protocol decode
Address resolution is ON. Use <no-resolve> to avoid any reverse lookup delay.
Address resolution timeout is 4s.
Listening on ge-0/0/0, capture size 96 bytes

Reverse lookup for 94.224.207.255 failed (check DNS reachability).
Other reverse lookup failures will not be reported.
Use <no-resolve> to avoid reverse lookups on IP addresses.

09:56:20.849081  In IP 94-224-195-xx.access.telenet.be.17500 > 94.224.207.255.17500: UDP, length 109
09:56:20.849352  In IP 94-224-195-xx.access.telenet.be.17500 > 94.224.207.255.17500: UDP, length 109
^CReverse lookup was interrupted (check DNS reachability).
Use <no-resolve> to avoid reverse lookups on IP addresses.

4 packets received by filter
0 packets dropped by kernel

root@srx210>

How can i delete a settings?

$ delete security nat

Advanced commands:

Table 9: CLI Configuration Mode Commands

Command

Description

activate

Remove the inactive: tag from a statement, effectively reading the statement or identifier to the configuration. Statements or identifiers that have been activated take effect when you next issue the commit command.

Syntax: activate (statement-path | identifier)

annotate

Add comments to a configuration.

Syntax: annotate < statement-path> comment-string

commit

Commit the set of changes to the database and cause the changes to take operational effect.

Syntax: commit <and-quit> <check> <confirmed < minutes >> <synchronize>

copy

Make a copy of an existing statement in the configuration.

Syntax: copy < statement-path> identifier 1 to identifier 2

deactivate

Add the inactive: tag to a statement, effectively commenting out the statement or identifier from the configuration. Statements or identifiers marked as inactive do not take effect when you issue the commit command.

Syntax: deactivate ( statement-path | identifier ?)

delete

Delete a statement or identifier. All subordinate statements and identifiers contained within the specified statement path are deleted with it.

Syntax: delete ( statement-path | identifier)

edit

Move inside the specified statement hierarchy. If the statement does not exist, it is created.

Syntax: edit < statement-path>

exit

Exit the current level of the statement hierarchy, returning to the level prior to the last edit command, or exit from configuration mode. The quit and exit commands are synonyms.

Syntax: exit <configuration-mode>

help

Display help about available configuration statements.

Syntax: help (apropos | reference | syslog | topic ) < string ??>

insert

Insert an identifier into an existing hierarchy.

Syntax: insert < statement-pathidentifier1 (before | after) identifier2

load

Load a configuration from an ASCII configuration file or from terminal input. Your current location in the configuration hierarchy is ignored when the load operation occurs.

Syntax: load (merge | override | replace ) ( filename | terminal)

quit

Exit the current level of the statement hierarchy, returning to the level prior to the last edit command, or exit from configuration mode. The quit and exit commands are synonyms.

Syntax: quit <configuration-mode>

rename

Rename an existing configuration statement or identifier.

Syntax: rename < statement-pathidentifier1 to identifier2

rollback

Return to a previously committed configuration. The software saves the last 10 committed configurations, including the rollback number, date, time, and name of the user who issued the commit configuration command. rollback 0 erases any configuration changes made to the current candidate configuration.

The currently operational JUNOS software configuration is stored in the file juniper.conf, and the last three committed configurations are stored in the filesjuniper.conf.1.gz, juniper.conf.2.gz, and juniper.conf.3.gz. These four files are located in the directory /config/, which is on the router’s flash drive. The remaining six previous committed configurations, the files juniper.conf.4.gz through juniper.conf.9.gz, are stored in the directory /var/db/config/, which is on the router’s hard disk.

Syntax: rollback < number>

run

Run an operational mode CLI command without exiting from configuration mode.

Syntax: run < operation-command>

save

Save the configuration to an ASCII file in the user’s home directory (by default) or to the user’s terminal session. The statement hierarchy and the contents of the current level of the statement hierarchy (and below) are saved. This allows a section of the configuration to be saved, while fully specifying the statement hierarchy.

Syntax: save filename terminal

set

Create a statement hierarchy and set identifier values. This is similar to the edit command except that your current level in the hierarchy does not change, and you can set identifier values, while the edit command only allows access to a statement path.

Syntax: set ( statement-path | identifier )

show

Display the current configuration.

Syntax: show ( statement-path | identifier)

status

Display the users currently editing the configuration.

Syntax: status

top

Return to the top level of configuration command mode, indicated by the [edit] banner, or execute a command from the top level of the configuration.

Syntax: top < configuration-command>

up

Move up one level in the statement hierarchy.

Syntax: up < number>

update

Update a private database. For more information on the update command, see the JUNOS System Basics and Services Command Reference.

Syntax: update

Basic commands:

Command

Description

clear

Clear statistics and protocol database information.

Syntax: clear (arp | bgp | firewall | helper | igmp | ike | ilmi | interfaces | ipsec | ipv6 | isis | ldp | log | mpls | msdp | multicast |ospf | pim | rip | ripng | route | rsvp | snmp | system | vrrp)

configure

Enter CLI configuration mode.

Alternative commands: configure <exclusive> <private>

file

Perform file manipulation operations, such as copy, delete, list, rename, and show.

Syntax: file (compare | copy | delete | list | rename | show)

help

Provide help information.

Syntax: help (reference | syslog | topic)

monitor

Monitor a log file or interface traffic in real time.

Syntax: monitor (interface | list | start | stop | traffic)

mtrace

Display trace information about a multicast path from a source to a receiver.

Syntax: mtrace (from-source | monitor | to-gateway)

ping

Verify IP connectivity to another IP host or Asynchronous Transfer Mode (ATM) connectivity (ping ATM) using Operation Administration and Maintenance (OAM) cells to an ATM endstation.

Syntax: ping host <interface source-interface > <bypass-routing> <count requests > <do-not-fragment> <interval seconds > <patternstring > <record-route> <routing-instance routing-instance-name > <size bytes > <strict> <tos type-of-service > <ttl  value > <via route > <rapid | detail>

Syntax: ping atm interface interface <count count > <end-to-end | segment> <interval interval> <sequence-number sequence-number > <vci vci > <brief>

Syntax: ping vpn-interface vpn-interface host <local echo-address>

pipe

Filter the output of an operational mode or configuration mode command.

Syntax: | (compare | count | display <detail | inheritance | xml> | except pattern | find pattern | last lines | match pattern | no-more |resolve <file-names> | save filename | trim columns)

quit

Log out from the CLI process.

Syntax: quit

request

Make system-level requests, such as halt or reboot the router, load software packages, and back up the router’s file systems.

Syntax: request system (halt | reboot | snapshot | software)

restart

Restart the router hardware or software processes.

Syntax: restart (fpc | class-of-service | gracefully | immediately | interface-control | mib-process | network-access-service | remote-operations | routing | sampling | sfm | snmp | soft)

set

Set CLI properties, the router’s date and time, and the craft interface display text.

Syntax: set (chassis | cli | date)

show

Show information about all aspects of the software, including interfaces and routing protocols.

Syntax: show (accounting | aps | arp | as-path | bgp | chassis | cli | configuration | connections | dvmrp | firewall | helper | host | igmp | ike | ilmi | interfaces | ipsec | ipv6 | isis | l2circuit | l2vpn | ldp | link-management | log | mpls | msdp | multicast | ntp | ospf | pfe | pim | policer | policy | rip | ripng | route | rsvp | sap | snmp | system | task | ted | version | vrrp)

ssh

Open a secure shell to another host.

Syntax: ssh host <bypass-routing> <routing-instance routing-instance-name > <source address > <vpn-interface vpn-interface > <v1 | v2>

start

Start a software process.

Syntax: start shell

telnet

Start a telnet session to another host.

Syntax: telnet host <8bit> <bypass-routing> <inet | inet6> <noresolve> <port port > <interface interface-name> <routing-instancerouting-instance-name > <source address > <vpn-interface vpn-interface>

test

Run various diagnostic debugging commands.

Syntax: test (configuration | interface | msdp | policy)

traceroute

Trace the route to a remote host.

Syntax: traceroute host <as-number-lookup> <bypass-routing> <gateway address > <inet | inet6> <noresolve> <routing-instancerouting-instance-name><source address > <tos value > <ttl value > <vpn-interface vpn-interface > <wait seconds>

And all extra included as following:

  • JUNOS/Juniper EX-series Cheat Sheet
  • JUNOS Cheat-Sheet PDF pdf
  • Juniper NetScreen Policy Configuration Cheat Sheet
  • JUNOS Juniper EX Cheat Sheet
About these ads
Categories: Cisco, FreeBSD, Juniper, SRX210
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: