[j-nsp] Cisco to Juniper

Usman Tahir ukhant at apollo.com.pk
Tue Sep 21 12:53:28 EDT 2004


Hi 

 

I have to replace a Cisco with juniper Router, below is the config of cisco
router , I have also given configuration of Juniper router , would someone
be kind enough to point out any mistakes in my config, specially in E1 &
OSPF part , in juniper how do we implement (log-adjacency-changes command of
OSPF), I cant actually test this as it is a live site, don't have much
downtime , so would appreciate if someone can help me out 

 

controller E1 2/0

 channel-group 1 timeslots 1-31

!

 

 

interface Loopback0

 ip address 10.16.11.1 255.255.255.255

!

interface FastEthernet0/0

 description HEAD OFFICE LAN LINK

 ip address 172.16.21.254 255.255.255.0 secondary

 ip address 172.16.11.254 255.255.255.0

 ip access-group 130 in

 ip access-group 130 out

 ip accounting output-packets

 no ip mroute-cache

 duplex auto

 speed 100

 fair-queue

 

interface Serial2/0:1

 description HEAD OFFICE WAN LINK

 ip address 172.16.2.253 255.255.255.0

 ip access-group 130 in

 ip access-group 130 out

 encapsulation ppp

 fair-queue

!

 router ospf 10

 router-id 10.16.11.1

 log-adjacency-changes

 network 172.16.0.0 0.0.255.255 area 10

!

ip route 0.0.0.0 0.0.0.0 172.16.2.254

!

!

!

access-list 130 deny   tcp any eq 5554 any

access-list 130 deny   tcp any any eq 5554

access-list 130 deny   tcp any eq 445 any

access-list 130 deny   tcp any any eq 445

access-list 130 deny   tcp any eq 9996 any

access-list 130 deny   tcp any any eq 9996

access-list 130 deny   icmp any any

access-list 130 permit ip any any

 

 

 

JUNIPER CONFIG

=============

 

 

 

interfaces {

    e1-0/1/0 {

        description "HEAD OFFICE WAN LINK";

        clocking external;

        encapsulation ppp;

        e1-options {

            timeslots 2-32;

        }

        unit 0 {

            family inet {

                filter {

                    input 130;

                    output 130;

                }

                address 172.16.2.253/24;

            }

        }

    }

 

fe-1/3/0 {

        unit 0 {

            family inet {

                filter {

                    input 130;

                    output 130;

                }

                address 172.16.11.254/24 {

                    preferred;

                }

                address 172.16.21.254/24;

            }

        }

    }

routing-options {

    static {

        route 0.0.0.0/0 next-hop 172.16.2.254;

    }

    router-id 10.16.11.1;

}

protocols {

    ospf {

        area 0.0.0.10 {

            interface fe-1/3/0.0;

            interface e1-0/1/0.0;

        }

    }

}

firewall {

    filter 130 {

        term T1 {

            from {

                protocol tcp;

                source-port 5554;

            }

            then {

                discard;

            }

        }

        term T2 {

            from {

                protocol tcp;

                destination-port 5554;

            }

            then {

                discard;

            }

        }

        term T3 {

            from {

                protocol tcp;

                source-port 445;

            }

            then {

                discard;

            }

        }

        term T4 {

            from {

                protocol tcp;

                destination-port 445;

            }

            then {

                discard;

            }

        }

        term T5 {

            from {

                protocol tcp;

                source-port 9996;

            }

            then {

                discard;

            }

        }

        term T6 {

from {

                protocol tcp;

                destination-port 9996;

            }

            then {

                discard;

            }

        }

        term T7 {

            from {

                protocol icmp;

            }

            then {

                discard;

            }

        }

        term T8 {

            then accept;

        }

    }

}



More information about the juniper-nsp mailing list