[j-nsp] Cisco to Juniper
Usman Tahir
ukhant at apollo.com.pk
Tue Sep 21 12:53:28 EDT 2004
Hi
I have to replace a Cisco with juniper Router, below is the config of cisco
router , I have also given configuration of Juniper router , would someone
be kind enough to point out any mistakes in my config, specially in E1 &
OSPF part , in juniper how do we implement (log-adjacency-changes command of
OSPF), I cant actually test this as it is a live site, don't have much
downtime , so would appreciate if someone can help me out
controller E1 2/0
channel-group 1 timeslots 1-31
!
interface Loopback0
ip address 10.16.11.1 255.255.255.255
!
interface FastEthernet0/0
description HEAD OFFICE LAN LINK
ip address 172.16.21.254 255.255.255.0 secondary
ip address 172.16.11.254 255.255.255.0
ip access-group 130 in
ip access-group 130 out
ip accounting output-packets
no ip mroute-cache
duplex auto
speed 100
fair-queue
interface Serial2/0:1
description HEAD OFFICE WAN LINK
ip address 172.16.2.253 255.255.255.0
ip access-group 130 in
ip access-group 130 out
encapsulation ppp
fair-queue
!
router ospf 10
router-id 10.16.11.1
log-adjacency-changes
network 172.16.0.0 0.0.255.255 area 10
!
ip route 0.0.0.0 0.0.0.0 172.16.2.254
!
!
!
access-list 130 deny tcp any eq 5554 any
access-list 130 deny tcp any any eq 5554
access-list 130 deny tcp any eq 445 any
access-list 130 deny tcp any any eq 445
access-list 130 deny tcp any eq 9996 any
access-list 130 deny tcp any any eq 9996
access-list 130 deny icmp any any
access-list 130 permit ip any any
JUNIPER CONFIG
=============
interfaces {
e1-0/1/0 {
description "HEAD OFFICE WAN LINK";
clocking external;
encapsulation ppp;
e1-options {
timeslots 2-32;
}
unit 0 {
family inet {
filter {
input 130;
output 130;
}
address 172.16.2.253/24;
}
}
}
fe-1/3/0 {
unit 0 {
family inet {
filter {
input 130;
output 130;
}
address 172.16.11.254/24 {
preferred;
}
address 172.16.21.254/24;
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 172.16.2.254;
}
router-id 10.16.11.1;
}
protocols {
ospf {
area 0.0.0.10 {
interface fe-1/3/0.0;
interface e1-0/1/0.0;
}
}
}
firewall {
filter 130 {
term T1 {
from {
protocol tcp;
source-port 5554;
}
then {
discard;
}
}
term T2 {
from {
protocol tcp;
destination-port 5554;
}
then {
discard;
}
}
term T3 {
from {
protocol tcp;
source-port 445;
}
then {
discard;
}
}
term T4 {
from {
protocol tcp;
destination-port 445;
}
then {
discard;
}
}
term T5 {
from {
protocol tcp;
source-port 9996;
}
then {
discard;
}
}
term T6 {
from {
protocol tcp;
destination-port 9996;
}
then {
discard;
}
}
term T7 {
from {
protocol icmp;
}
then {
discard;
}
}
term T8 {
then accept;
}
}
}
More information about the juniper-nsp
mailing list