Setting up SureVoIP Broadband on Juniper SRX Router

This guide will apply in general to all Juniper routers with a built-in ADSL modem.

It is assumed you require only basic NAT and the ADSL service is your only internet connection. If your requirements require a more complex set up then please consult an Authorised Juniper Partner for further advice.

Please note regarding the sample configuration below:

  • Does not provide DHCP service to LAN
  • London time zone with BST set
  • Uses SureVoIP DNS servers
  • Basic NAT
  • IPv6 disabled
deactivate interfaces pt-1/0/0
set interfaces at-1/0/0 description "SureVoIP Business Broadband"
set interfaces at-1/0/0 encapsulation atm-pvc
set interfaces at-1/0/0 atm-options vpi 0
set interfaces at-1/0/0 unit 0 encapsulation atm-ppp-vc-mux
set interfaces at-1/0/0 unit 0 vci 0.38
set interfaces at-1/0/0 unit 0 ppp-options chap default-chap-secret "REFER TO WELCOME PACK FOR PASSWORD" # Refer to Welcome Pack
set interfaces at-1/0/0 unit 0 ppp-options chap local-name "supplied-username@example.com" # Refer to Welcome Pack
set interfaces at-1/0/0 unit 0 ppp-options chap passive
set interfaces at-1/0/0 unit 0 family inet negotiate-address

set interfaces vlan unit 0 family inet address 192.168.1.1/24

set routing-options generate route 0.0.0.0/0 # Generate default route

set system ntp server 185.8.92.8
set system ntp server 185.8.92.10
set security alg sip disable

set security nat source rule-set trust-to-untrust from zone trust
set security nat source rule-set trust-to-untrust to zone untrust
set security nat source rule-set trust-to-untrust rule source-nat-rule match source-address 0.0.0.0/0
set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface

set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit
deactivate interfaces at-1/0/0
set interfaces pt-1/0/0 vlan-tagging
set interfaces pt-1/0/0 mtu 1492
set interfaces pt-1/0/0 vdsl-options vdsl-profile auto
set interfaces pt-1/0/0 unit 0 encapsulation ppp-over-ether
set interfaces pt-1/0/0 unit 0 vlan-id 101

set interfaces pp0 unit 0 ppp-options chap default-chap-secret "REFER TO WELCOME PACK FOR PASSWORD" # Refer to Welcome Pack
set interfaces pp0 unit 0 ppp-options chap local-name "suppliedusername@example.com"  # Refer to Welcome Pack
set interfaces pp0 unit 0 ppp-options chap passive
set interfaces pp0 unit 0 pppoe-options underlying-interface pt-1/0/0.0
set interfaces pp0 unit 0 pppoe-options idle-timeout 0
set interfaces pp0 unit 0 pppoe-options auto-reconnect 5
set interfaces pp0 unit 0 pppoe-options client
set interfaces pp0 unit 0 no-keepalives
set interfaces pp0 unit 0 family inet negotiate-address

set interfaces vlan unit 0 family inet address 192.168.1.1/24

set routing-options generate route 0.0.0.0/0 # Generate default route

set system ntp server 185.8.92.8
set system ntp server 185.8.92.10
set security alg sip disable

set security nat source rule-set trust-to-untrust from zone trust
set security nat source rule-set trust-to-untrust to zone untrust
set security nat source rule-set trust-to-untrust rule source-nat-rule match source-address 0.0.0.0/0
set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface

set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit