Category: Juniper

  • Configuring NAT66 on ScreenOS

    I recently had to deploy redeploy an old NetScreen 5GT to segregate a production LAN and create a small lab network. The production LAN has a routable IPv6 /64 prefix, delivered via a Hurricane Electric IPv6 tunnel. The lab network also required IPv6 connectivity. We also recently obtained a /48 prefix from Hurricane Electric, so…

  • Exporting a X.509 certificate public key from Junos

    I’ve just spent the last couple of hours trying to find a way to export the public key from a locally generated, self-signed X.509 certificate on a Juniper SRX-100 firewall. Apparently there is no Junos CLI command to do this, so after poking around the filesystem from a shell on the box, I found the…

  • The Amazing Unmanaged Trunk Mode Switch

    Have you ever needed to set up a bunch of equipment on a boardroom table or some other temporary location, and needed both native and 802.1q tagged VLANs, but only had one available switchport? A quick n’ dirty solution is to use an unmanaged switch, such as one of the numerous 8-port desktop switches from…

  • Retrieving NetScreen/SSG config via scp

    There are a couple of prerequisites before you can copy the config from a NetScreen or SSG via scp. First, obviously ssh and scp need to be enabled: set ssh version v2 set ssh enable set scp enable And of course, you need to enable ssh management on the interface you’re going to connect to…