Differences

This shows you the differences between two versions of the page.

Link to this comparison view

broadband:juniper [2019/02/20 14:42] (current)
vkaup created
Line 1: Line 1:
 +{{tag>​Setup Broadband Configuration Juniper Juniper_JunOS}}
 +====== Setting up SureVoIP Broadband on Juniper SRX Router ======
 +===== ADSL2+ =====
  
 +This guide will apply in general to all Juniper routers with a built-in ADSL modem.
 +
 +It is assumed you require only basic NAT and the ADSL service is your only internet connection. If your requirements require a more complex set up then please consult an Authorised Juniper Partner for further advice.
 +
 +Please note regarding the sample configuration below:
 +  * Does //not// provide DHCP service to LAN
 +  * London time zone with BST set
 +  * Uses SureVoIP DNS servers
 +  * Basic NAT
 +  * IPv6 disabled
 +
 +<​code>​
 +deactivate interfaces pt-1/0/0
 +set interfaces at-1/0/0 description "​SureVoIP Business Broadband"​
 +set interfaces at-1/0/0 encapsulation atm-pvc
 +set interfaces at-1/0/0 atm-options vpi 0
 +set interfaces at-1/0/0 unit 0 encapsulation atm-ppp-vc-mux
 +set interfaces at-1/0/0 unit 0 vci 0.38
 +set interfaces at-1/0/0 unit 0 ppp-options chap default-chap-secret "REFER TO WELCOME PACK FOR PASSWORD"​ # Refer to Welcome Pack
 +set interfaces at-1/0/0 unit 0 ppp-options chap local-name "​supplied-username@example.com"​ # Refer to Welcome Pack
 +set interfaces at-1/0/0 unit 0 ppp-options chap passive
 +set interfaces at-1/0/0 unit 0 family inet negotiate-address
 +
 +set interfaces vlan unit 0 family inet address 192.168.1.1/​24
 +
 +set routing-options generate route 0.0.0.0/0 # Generate default route
 +
 +set system ntp server 185.8.92.8
 +set system ntp server 185.8.92.10
 +set security alg sip disable
 +
 +set security nat source rule-set trust-to-untrust from zone trust
 +set security nat source rule-set trust-to-untrust to zone untrust
 +set security nat source rule-set trust-to-untrust rule source-nat-rule match source-address 0.0.0.0/0
 +set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface
 +
 +set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
 +set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
 +set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
 +set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit
 +</​code>​
 +===== VDSL2 - FTTC (Fibre to the Cabinet) =====
 +
 +<​code>​
 +deactivate interfaces at-1/0/0
 +set interfaces pt-1/0/0 vlan-tagging
 +set interfaces pt-1/0/0 mtu 1492
 +set interfaces pt-1/0/0 vdsl-options vdsl-profile auto
 +set interfaces pt-1/0/0 unit 0 encapsulation ppp-over-ether
 +set interfaces pt-1/0/0 unit 0 vlan-id 101
 +
 +set interfaces pp0 unit 0 ppp-options chap default-chap-secret "REFER TO WELCOME PACK FOR PASSWORD"​ # Refer to Welcome Pack
 +set interfaces pp0 unit 0 ppp-options chap local-name "​suppliedusername@example.com" ​ # Refer to Welcome Pack
 +set interfaces pp0 unit 0 ppp-options chap passive
 +set interfaces pp0 unit 0 pppoe-options underlying-interface pt-1/0/0.0
 +set interfaces pp0 unit 0 pppoe-options idle-timeout 0
 +set interfaces pp0 unit 0 pppoe-options auto-reconnect 5
 +set interfaces pp0 unit 0 pppoe-options client
 +set interfaces pp0 unit 0 no-keepalives
 +set interfaces pp0 unit 0 family inet negotiate-address
 +
 +set interfaces vlan unit 0 family inet address 192.168.1.1/​24
 +
 +set routing-options generate route 0.0.0.0/0 # Generate default route
 +
 +set system ntp server 185.8.92.8
 +set system ntp server 185.8.92.10
 +set security alg sip disable
 +
 +set security nat source rule-set trust-to-untrust from zone trust
 +set security nat source rule-set trust-to-untrust to zone untrust
 +set security nat source rule-set trust-to-untrust rule source-nat-rule match source-address 0.0.0.0/0
 +set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface
 +
 +set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
 +set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
 +set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
 +set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit
 +</​code>​