## Last changed: 2019-07-13 21:10:39 UTC version 15.1X49-D180.2; groups { node0 { system { host-name srx340-01; } interfaces { fxp0 { unit 0 { family inet { address 10.101.1.1/24; } } } } } node1 { system { host-name srx340-02; } interfaces { fxp0 { unit 0 { family inet { address 10.101.1.2/24; } } } } } } apply-groups "${node}"; system { services { ssh; } } chassis { alarm { management-ethernet { link-down ignore; } } cluster { reth-count 3; redundancy-group 0 { node 0 priority 100; node 1 priority 1; } redundancy-group 2 { node 1 priority 1; node 0 priority 100; interface-monitor { ge-0/0/3 weight 255; ge-5/0/3 weight 255; } } } } security { ike { } ipsec { } alg { dns { doctoring { sanity-check; } } } screen { ids-option untrust-screen { icmp { ping-death; } ip { source-route-option; tear-drop; } tcp { syn-flood { alarm-threshold 1024; attack-threshold 200; source-threshold 1024; destination-threshold 2048; timeout 20; } land; } } } nat { source { rule-set Outside_NAT { from zone [ TEST trust ]; to zone untrust; rule source-nat-rule { match { source-address 0.0.0.0/0; } then { source-nat { interface; } } } } } destination { } static { } proxy-arp { interface reth0.0 { address { } } } } policies { from-zone TEST to-zone TEST { policy allow-all { match { source-address any; destination-address any; application any; } then { permit; } } } } zones { security-zone TEST { interfaces { irb.100 { host-inbound-traffic { system-services { ping; snmp; } } } } } } } interfaces { ge-0/0/3 { gigether-options { redundant-parent reth1; } } ge-5/0/3 { gigether-options { redundant-parent reth1; } } fab0 { fabric-options { member-interfaces { ge-0/0/2; } } } fab1 { fabric-options { member-interfaces { ge-5/0/2; } } } irb { unit 0 { family inet { address 10.101.0.1/24; } } unit 2 { family inet { address 10.101.2.2/24; } } unit 100 { family inet { address 10.101.41.1/24; } } } reth1 { native-vlan-id 100; redundant-ether-options { redundancy-group 2; minimum-links 1; } unit 0 { family ethernet-switching { interface-mode trunk; vlan { members [ TEST ]; } } } } } routing-options { static { route 0.0.0.0/0 next-hop 1.1.1.1; route 10.103.0.0/16 next-hop st0.103; route 10.10.103.0/24 next-hop st0.103; } } access { } applications { } vlans { TEST { vlan-id 100; l3-interface irb.100; } }