## Last changed: 2011-06-12 05:53:56 UTC version 11.1R2.3; system { host-name srxA-1; root-authentication { encrypted-password "$1$SVyy5t4r$B7JEM7b8J7Dom1Hss../S."; ## SECRET-DATA } services { ssh; } syslog { archive size 100k files 3; user * { any emergency; } file messages { any critical; authorization info; } file interactive-commands { interactive-commands error; } file traffic-log { any any; match RT_FLOW_SESSION; } } max-configurations-on-flash 5; max-configuration-rollbacks 5; license { autoupdate { url https://ae1.juniper.net/junos/key_retrieval; } } } interfaces { fe-0/0/0 { unit 0 { family inet { address 10.0.1.201/24; } } } fe-0/0/3 { unit 0 { family inet { address 172.18.1.2/30; } } } fe-0/0/4 { vlan-tagging; unit 101 { vlan-id 101; family inet { address 172.20.101.1/24; } } unit 201 { vlan-id 201; family inet { address 172.20.201.1/24; } } } fe-0/0/5 { unit 0 { family inet { address 172.18.1.1/30; } } } fe-0/0/6 { unit 0 { family inet { address 172.18.2.1/30; } } } lo0 { unit 0 { family inet { address 192.168.1.1/32; } } } } routing-options { static { route 172.18.2.0/30 next-table router.inet.0; } } security { policies { from-zone free-route to-zone free-route { policy free-route { match { source-address any; destination-address any; application any; } then { permit; } } } } zones { functional-zone management { interfaces { fe-0/0/0.0; } host-inbound-traffic { system-services { ssh; } } } security-zone free-route { host-inbound-traffic { system-services { ping; traceroute; } } interfaces { fe-0/0/5.0; fe-0/0/6.0; } } security-zone untrust { host-inbound-traffic { system-services { ping; traceroute; } } interfaces { fe-0/0/3.0; } } } } routing-instances { router { instance-type virtual-router; interface fe-0/0/5.0; interface fe-0/0/6.0; } vr101 { instance-type virtual-router; interface fe-0/0/4.101; } vr201 { instance-type virtual-router; interface fe-0/0/4.201; } }