Hi all,
Because junos is spreading rappedly over the world, because of the launch of the SRX devices. I had to make the switch also.
As mentioned before, i worked/work a lot with ScreenOS, and must say i don't mind to make the switch to JUNOS if needed.
JUNOS is a ritch and nice OS, the more you work with it the more you will love it. It has nice advanced features, which you would love to have in ScreenOS (but sadly never will ...)
So because of this switch i wanted to check if i understand the junos security solution and did the exames JNCIS-ES.
I passed and have a other Certificate I can hang on the wall (well put in one of the schelfs with the other ...)
If you want to go the JUNOS way. I suggest you look at the fasttrack.
Fasttrack
Greetz,
Frac
Showing posts with label JUNOS. Show all posts
Showing posts with label JUNOS. Show all posts
Wednesday, August 26, 2009
Wednesday, June 10, 2009
Use a ScreenOS device to run JUNOS
Hi All,
Because of the nice coming SRX devices for the Branch, more and more people will need to learn JUNOS. Because most of use are used to work with ScreenOS, we also have more ScreenOS devices then JUNOS ones (SSG320/SSG350/SSG520/SSG550 instead of the J-series).
Well here is a how to, that explains how you can make a usb stick ready to run JUNOS and use this one on a device that is running ScreenOS.
First we need 1 device that runs JUNOS (j-series), on this device we will plug in the USB stick and create a copy of the OS.
root@router>request system snapshot as-primary partition media usb
Clearing current label...
Partitioning usb media (da0) ...
Partitions on snapshot:
Partition Mountpoint Size Snapshot argument
a / 1024MB root-size
e /config 196MB config-size
g /data 701MB data-size
Running newfs (1024MB) on usb media / partition (da0s1a)...
Running newfs (196MB) on usb media /config partition (da0s1e)...
Running newfs (701MB) on usb media /data partition (da0s1g)...
Copying '/dev/ad0s1a' to '/dev/da0s1a' .. (this may take a few minutes)
Copying '/dev/ad0s1e' to '/dev/da0s1e' .. (this may take a few minutes)
The following filesystems were archived: / /config
After this we can use this USB stick to use in a ScreenOS device (or in a JUNOS device)
IF you want to use this USB stick on a JUNOS device do the following:
root@router> request system reboot media usb
This will make the router reboot and boot from USB stick (you can use this to test upgrades for example)
IF you want to use this USB stick on a ScreenOS device do the following:
SSG350M-> System change state to Active(1)
SSG350M->
SSG350M-> set boot junos usb
Boot device has been set to USB
SSG350M->reset
Configuration modified, save? [y]/n n
System reset, are you sure? y/[n] y
In reset ...
After this you will boot in JUNOS (so you are running JUNOS on a ScreenOS device).
When you do a "request system reboot", he will boot back from Compact Flash and will ofcourse run ScreenOS again.
I use this to have a lot of JUNOS devices, because we have a lot of SSG in our lab running ScreenOS. (Most deployed devices at customers are ScreenOS, But this can/will change now with the SRX Branch devices.
GreetZ,
Frac
Because of the nice coming SRX devices for the Branch, more and more people will need to learn JUNOS. Because most of use are used to work with ScreenOS, we also have more ScreenOS devices then JUNOS ones (SSG320/SSG350/SSG520/SSG550 instead of the J-series).
Well here is a how to, that explains how you can make a usb stick ready to run JUNOS and use this one on a device that is running ScreenOS.
First we need 1 device that runs JUNOS (j-series), on this device we will plug in the USB stick and create a copy of the OS.
root@router>request system snapshot as-primary partition media usb
Clearing current label...
Partitioning usb media (da0) ...
Partitions on snapshot:
Partition Mountpoint Size Snapshot argument
a / 1024MB root-size
e /config 196MB config-size
g /data 701MB data-size
Running newfs (1024MB) on usb media / partition (da0s1a)...
Running newfs (196MB) on usb media /config partition (da0s1e)...
Running newfs (701MB) on usb media /data partition (da0s1g)...
Copying '/dev/ad0s1a' to '/dev/da0s1a' .. (this may take a few minutes)
Copying '/dev/ad0s1e' to '/dev/da0s1e' .. (this may take a few minutes)
The following filesystems were archived: / /config
After this we can use this USB stick to use in a ScreenOS device (or in a JUNOS device)
IF you want to use this USB stick on a JUNOS device do the following:
root@router> request system reboot media usb
This will make the router reboot and boot from USB stick (you can use this to test upgrades for example)
IF you want to use this USB stick on a ScreenOS device do the following:
SSG350M-> System change state to Active(1)
SSG350M->
SSG350M-> set boot junos usb
Boot device has been set to USB
SSG350M->reset
Configuration modified, save? [y]/n n
System reset, are you sure? y/[n] y
In reset ...
After this you will boot in JUNOS (so you are running JUNOS on a ScreenOS device).
When you do a "request system reboot", he will boot back from Compact Flash and will ofcourse run ScreenOS again.
I use this to have a lot of JUNOS devices, because we have a lot of SSG in our lab running ScreenOS. (Most deployed devices at customers are ScreenOS, But this can/will change now with the SRX Branch devices.
GreetZ,
Frac
Tuesday, November 18, 2008
ScreenOS vs JUNOS
Hi all,
You all know i am a big fan of the Juniper FW/VPN appliances (Old Netscreen firewalls/vpn). This was because of the very powerfull ScreenOS. it is a very easy and power full OS, which had unbelievable debug features.
But 2 years ago i came in contact with a even more nice and powerfull OS: JUNOS.
This was like a new world that had been opened for me ...
The first years of my career i have been working with IOS and after 1,5 year i saw the netscreen products and was sure this is one of the finest OS's out there. But this was because i never saw JUNOS before.
Some examples of what JUNOS has and ScreenOS doesn't:
Cons ScreenOS:
- bindings (objects are bind to eachother so you can't edit or change them)
> This is something i really hate about screenOS
- working directly in running config.
>this is also a big pain of IOS.
- only one active and one saved config.
Pro's ScreenOS:
- Debugging
> this is one of the best debugging engines i have ever seen.
- Vrouters/SBR/SIBR/PBR
- Route based VPN's
Con's JUNOS:
This is really a hard one.
- Debugging (and this is because i still find the screenOS based debugging engine the best i worked with. BUT Juniper is putting a lot of effort in this, and the last release 9.2 was almost the same then the screenos debug output)
Pro's JUNOS:
- Candidate config.
> When you change the config, you work in a candidate config. This is copy of the active config, which means when i change something in this config it isn't active yet.
- commit confirm
> this command will activate your changes, but will ask you to confirm it after a given time. If you don't confirm, he will do a automatic rollback to the previous config version. AND this without a reboot!!
- rename
> you are able to change a config from one interface to other with one one command (just rename the interface name for example.
- macro's
> you are able to make your own macro's. one example is: if your company has a config policy (like always place discription when configuring a interface / when you do a save of a config you need to give comments / etc...). this is all possible with JUNOS.
Because of all these nice features, i can only say one thing.... I love JUNOS!!
For all engineers out there, just try this OS and you will see how powerfull it is.
I will try to give some example later on.
Cu all later
You all know i am a big fan of the Juniper FW/VPN appliances (Old Netscreen firewalls/vpn). This was because of the very powerfull ScreenOS. it is a very easy and power full OS, which had unbelievable debug features.
But 2 years ago i came in contact with a even more nice and powerfull OS: JUNOS.
This was like a new world that had been opened for me ...
The first years of my career i have been working with IOS and after 1,5 year i saw the netscreen products and was sure this is one of the finest OS's out there. But this was because i never saw JUNOS before.
Some examples of what JUNOS has and ScreenOS doesn't:
Cons ScreenOS:
- bindings (objects are bind to eachother so you can't edit or change them)
> This is something i really hate about screenOS
- working directly in running config.
>this is also a big pain of IOS.
- only one active and one saved config.
Pro's ScreenOS:
- Debugging
> this is one of the best debugging engines i have ever seen.
- Vrouters/SBR/SIBR/PBR
- Route based VPN's
Con's JUNOS:
This is really a hard one.
- Debugging (and this is because i still find the screenOS based debugging engine the best i worked with. BUT Juniper is putting a lot of effort in this, and the last release 9.2 was almost the same then the screenos debug output)
Pro's JUNOS:
- Candidate config.
> When you change the config, you work in a candidate config. This is copy of the active config, which means when i change something in this config it isn't active yet.
- commit confirm
> this command will activate your changes, but will ask you to confirm it after a given time. If you don't confirm, he will do a automatic rollback to the previous config version. AND this without a reboot!!
- rename
> you are able to change a config from one interface to other with one one command (just rename the interface name for example.
- macro's
> you are able to make your own macro's. one example is: if your company has a config policy (like always place discription when configuring a interface / when you do a save of a config you need to give comments / etc...). this is all possible with JUNOS.
Because of all these nice features, i can only say one thing.... I love JUNOS!!
For all engineers out there, just try this OS and you will see how powerfull it is.
I will try to give some example later on.
Cu all later
Subscribe to:
Posts (Atom)
wim@securelink.be
Frac @ LinkedIn
Posts
