I started to play with the Juniper SRX platform a few months ago. I got an SRX220 on loan from Rafael and I bought an SRX100 for my experiments. The JunOS operating system installed on these boxes is heavily based on FreeBSD, so we’re in familiar Unix-land. This is going to be fun. 🙂
I have access to lab documentation, but I will not reproduce the setup from the books exactly: there will be some adaptations (mainly to port numbering) to fit my lab setup, since I will work on these devices from a remote location and will not have full physical access during my exercises. To make matters even more interesting, I still have my old ADSL connection, which will be used as a separate internet access.
The default configuration is a simple NATing firewall/router, similar to what you would expect from a stock OpenWRT installation. There is a web interface, but I will just ignore it, so let’s dig out the Cisco serial cable and connect to the console port.
Configuring the SRXes over the serial port is nice, but serial ports are in limited supply on my Terminator server, so we will start by setting up the devices for more convenient SSH access from my home network. The config statements allow comments: they start with the character ‘#’, and the commands below are peppered with them, so you can copy-paste huge blocks of text at once.
We will start with the SRX100; its management port is connected to port 7 on the firewall.
# Set system root password (REQUIRED; the CLI prompts for the password)
set system root-authentication plain-text-password
# Check that the configuration passes the commit check
commit check
# Remove interface from bridge
delete interfaces fe-0/0/7 unit 0
# Add ssh pubkey
set system root-authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC98TAUD9PPuzRj5uyHWlxZiXGLm1JI7T2hPNwmW9pU5V/guoJ90VTNQ7lugEoX8HYxB7JC0/RA5ogJBkhcQHIAMIGT6yM7F2zzVv9LadbiMU0KrB2dZVmPKKxi49uqqj+d8zIWTbm4tLf7xdF42kr7c2AUl1kYzaD1ymlAXSavvHTg7y/h2/mZ36F7WZmVwa7Q6iI5Vuca66lauwGgl1ETS2lwneQn+CWDZFMSFDT9TmphR8mpISi8063oTwvvHa/t0bpeQnKltg1iqM2YGTlIGTgXuEWsiAARfF96zhOUAXseA9WHeCTDUITmycFau4+ILxVH47Z6oC11W52BtwIf frederic@pekko"
# Set IP address
set interfaces fe-0/0/7 unit 0 family inet address 192.168.4.60/26
# Put interface into mgmt zone and activate services
set security zones security-zone mgmt interfaces fe-0/0/7.0 host-inbound-traffic system-services http
set security zones security-zone mgmt interfaces fe-0/0/7.0 host-inbound-traffic system-services https
set security zones security-zone mgmt interfaces fe-0/0/7.0 host-inbound-traffic system-services ssh
set security zones security-zone mgmt interfaces fe-0/0/7.0 host-inbound-traffic system-services ping
# Save changes
commit
From now on, SSH is available and we can disconnect the serial cable. It won’t be used for the rest of the experiments unless we need to move the management interface to another port. Now, let’s set up PPPoE…
# Put the physical interface into PPPoE encapsulation
set interfaces fe-0/0/0 unit 0 encapsulation ppp-over-ether
# CHAP credentials from the ISP
set interfaces pp0 unit 0 ppp-options chap local-name <YOUR_USERNAME>
set interfaces pp0 unit 0 ppp-options chap default-chap-secret <YOUR_PASSWORD>
# Bind the PPPoE logical interface to the physical port, in client mode
set interfaces pp0 unit 0 pppoe-options underlying-interface fe-0/0/0.0
set interfaces pp0 unit 0 pppoe-options client
# When using PPPoE, always set MTU to 1492
set interfaces pp0 unit 0 family inet mtu 1492
# The IP address is assigned by the ISP during IPCP negotiation
set interfaces pp0 unit 0 family inet negotiate-address
# Explicitly tell JunOS to use the PPPoE interface as default route
set routing-options static route 0.0.0.0/0 next-hop pp0.0 metric 0
commit
At that point, the PPPoE session is established. Let’s check it:
run show interfaces terse
<snip>
...
</snip>
pimd                    up    up
pime                    up    up
pp0                     up    up
pp0.0                   up    up   inet     22.214.171.124  --> 126.96.36.199
ppd0                    up    up
ppe0                    up    up
st0                     up    up
tap                     up    up
vlan                    up    up
vlan.0                  up    up   inet     192.168.1.1/24
This looks good! We have an IP address from our ISP! Let’s attack the SRX220…
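To repeat the check above without eyeballing the output (is pp0.0 admin-up and link-up, and does it hold a negotiated IPv4 address?), here is a small parser for the `show interfaces terse` format. It is an added example, not code from the post; the sample output it parses is constructed, with RFC 5737 documentation addresses standing in for the ISP-assigned ones.

```python
import ipaddress
import re
from typing import Dict, NamedTuple, Optional

class IfaceState(NamedTuple):
    admin: str
    link: str
    proto: Optional[str]
    local: Optional[str]
    remote: Optional[str]

# One interface line of "show interfaces terse": "pp0.0  up  up  inet  A --> B",
# "vlan.0  up  up  inet  192.168.1.1/24" or simply "pimd  up  up".
_LINE = re.compile(
    r"^(?P<name>\S+)\s+(?P<admin>up|down)\s+(?P<link>up|down)"
    r"(?:\s+(?P<proto>\S+)(?:\s+(?P<local>\S+)(?:\s+-->\s+(?P<remote>\S+))?)?)?\s*$"
)

def parse_interfaces_terse(text: str) -> Dict[str, IfaceState]:
    """Map interface name -> IfaceState. The column header, the <snip> markers
    and extra-family continuation lines (e.g. inet6) do not match and are skipped."""
    result: Dict[str, IfaceState] = {}
    for line in text.splitlines():
        m = _LINE.match(line.strip())
        if m:
            result[m["name"]] = IfaceState(m["admin"], m["link"], m["proto"],
                                           m["local"], m["remote"])
    return result

def pppoe_session_address(text: str, iface: str = "pp0.0") -> Optional[str]:
    """IPv4 address negotiated on the PPPoE logical interface, or None when no
    session is established (interface absent, admin/link down, no inet address)."""
    st = parse_interfaces_terse(text).get(iface)
    if st is None or (st.admin, st.link, st.proto) != ("up", "up", "inet") or not st.local:
        return None
    try:
        ipaddress.IPv4Address(st.local.split("/")[0])  # reject anything that is not IPv4
    except ValueError:
        return None
    return st.local

# Constructed sample modelled on the output in the post (documentation addresses).
SAMPLE_UP = """\
Interface               Admin Link Proto    Local                 Remote
pimd                    up    up
pp0                     up    up
pp0.0                   up    up   inet     198.51.100.7    --> 203.0.113.1
vlan.0                  up    up   inet     192.168.1.1/24
"""
# Same output with the PPPoE session torn down (link down, no address).
SAMPLE_DOWN = re.sub(r"^pp0\.0 .*$", "pp0.0  up  down", SAMPLE_UP, flags=re.M)
```

Feed it the real output (for example, captured over SSH) and poll `pppoe_session_address` from a monitoring job to catch a dropped ADSL session early.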