Lompat ke konten Lompat ke sidebar Lompat ke footer
Beranda / Juniper | Junos-JCNA Day-1

Juniper | Junos-JCNA Day-1

Oleh Hasugian Posting Komentar


Junniper Open Learning
https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=11478

https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=EDU-JUN-WBT-JOL-JNCIA-JUNOS

Link LAB:
https://labs.fernanda.id/store/public/auth/login/offline?link=https%3A%2F%2Flabs.fernanda.id%2Fstore%2Fpublic%2Fadmin%2Fmain%2Fview&error=&success=

Username: user4

Pass : P@ssw0rd
----------------------------------------------------------------------------------------------------------------------

Basic Config

1.Unix Mode (tidak bisa lakukan akses konfigurasi router)

root@% ls

root@% pwd

root@% cd /

root@% cd /root/
2.Operational Mode (bs melakukan monitoring, ntuk melihat konfigurasi coomand apa sj   yg kt lakukan, i.e ping,  )

Untuk masuk confogurasi operation mode gunakan cli

root@%cli
root>show interface ters

root>show

root>show

 3.Configuration Mode  / Edit Mode (bs melakukan untuk melakukan konfigurasi di Juniper  )

root> configure
root# set system root-authentication plain-text-password

------------------------------------------------ 
Configure Ada 3 mode:

1. Configure Biasa: (bebberapa user akses ruter yg sama diwaktu yg sama, ada 1 user commit konfig, mk user yg  lain bakal ikut  ke commit konfigurasi kandidat nya.

 ------------------------------------------------ 
2. Configure Private  
  • Multiple user bisa login secara waktu bersamaan ke Junos, dan masing-masing user meiliki changes sendiri dan commit sendiri.
  • Jika user A melakukan changes dan commit mk user lai tdk akan ikut ter-commit, 
  • Kekekuranganya tdk bisa melkukan commit confirmed 

root@R-01> configure private

------------------------------------------------ 
3.Configure Exclusive :

  • Hanya bisa satu user yg di ijinkan untuk melakukan konfigurasi.
  • Jika ada user lain misal user root sedang melakukan configure exclusive, maka user lain yang login.remote tidak bisa melakuak configure , akan ada muncul error. 
  • Jika user user ingin melakukan konfigurasi maka user lain yg sedang login tersebut bisa  dipaksa keluar menggunakan perintah sistem keluar, yaitu dengan command sbb:
root@R-01>request system logout user aguna2
root@R-01> configure exclusive 
------------------------------------------------ 

 (hanya boleh config dan commit hanya 1 user/orang, harus kluar dl baru user yg lain bisa config).

root@R1# run request system reboot

REPLACE (sepesifik):
root@R1# replace pattern 12.12.12.1/24 with 12.12.12.2/2

RENAME
rename interfaces ge-0/0/0.0 family inet address 12.12.12.1/24 to address 12.12.12.2/2

 RESTART / SHUTDOWN

root@R2> request system power-off
root@R2> request system reboot

RESET FACTORY
root@R2> request system zeroize

root@R2# load factory-default
fungsinya setinganya doang direset ke factory reset. cara ini masih bs rollback
 -----------------------------------------------------

ROLLBACK
Skenario-1
root@R2# show | compare rollback ?

Possible completions:
  0                    2024-07-27 03:47:24 UTC by root via cli
  1                    2024-07-27 03:25:23 UTC by root via cli
  2                    2024-07-27 02:46:55 UTC by root via other
[edit]
root@R2# show | compare rollback 1
root@R2# rollback 2

Skenario-2
root@R-01# set system host-name SRX-01 

[edit]
root@R-01# 

[edit]
root@R-01# show | compare rollback 0      
[edit system]
-  host-name R-01;
+  host-name SRX-01;

[edit]
root@R-01# 

VERIFIKASI:
root@R-01> show system rollback ?
root@R-01> show system rollback 1 
root@R-01> show system rollback 2
---------------------------------------------------- 
root@R1> show system uptime
Current time: 2024-07-27 03:58:11 UTC
System booted: 2024-07-27 02:45:13 UTC (01:12:58 ago)
Protocols started: 2024-07-27 02:46:50 UTC (01:11:21 ago)
Last configured: 2024-07-27 03:54:51 UTC (00:03:20 ago) by root
 3:58AM  up 1:13, 1 user, load averages: 0.07, 0.13, 0.50

root@R1# set system time-zone Asia/Jakarta

CARA-1:RESET PASSWORD:
1. Power ON
2. tekan SPASI 
3. boot -s
4. ketik: recovery
5. masukin Password Baru
6. commit

CARA-2: RESET PASSWORD:
1. Power ON
2. bisa CTR-C
3.Pilh No.5 (more-option)
4. Pilih no.2 (Recovery Mode -[c]LI
5. masukin Password Baru
6. commit

----------------------

LAB
s.id/jncia-study-guide

https://docs.google.com/document/d/1Fqde0fgzVFJuRfLiWWmaqJhgG6l8Ghrvpo3RDB8Sino/edit?pli=1#heading=h.h4aws2l7zfk

FTP
root@R-1# set system services ftp

-----------------------------------------------------------------------------------

NTP SERVER
set system time-zone Asia/Jakarta
set system ntp server  10.10.10.1
set system ntp boot-server  10.10.10.1

-----------------------------------------------------------------------------------
TELNET

root@R-01# set system domain-name training.lab
root@R-01# set system services telnet 
 
..lalu
root@R-01# run telnet 1.1.1.1
 -----------------------------------------------------------------------------------
CEK LOG
aguna2@R-1> show log config-change-log
 -----------------------------------------------------------------------------------
USER ROOT
Sebelum melakukan configurasi apapun user-root harus diakrtifkan terlebih dahulu dan set password.

root# set system root-authentication plain-text-password
New password: Test123
Retype new password: Test123
-------------------- -------------------------------
Create a User
root@R1-Juniper-01# set system login user aguna class super-user

root@R1-Juniper-01# set system login user aguna authentication plain-text-password
New password:
Retype new password:

root@R1-Juniper-01# commit
----------------------------------------------------------------------------------------
IMAGE

UUID: da9cf959-f0ca-4194-8fdb-db609c905c39
Qemu Options: -machine type=pc,accel=kvm -serial mon:stdio -nographic
Config Script: config_vmx.py
----------------------------------------------------------------------------------------
VERIFIKASI CONFIGURATION (USER)

root@R-01# run show configuration system login | display set

root@R-01#set system login user aguna1 class super-user authentication encrypted-password Test123
 --------------------------------------------------------------------------------------

RENAME 
Misalnya username aguna3 diganti aguna 4

aguna@R-Juniper-01# edit system login

aguna@R-Juniper-01# rename user aguna3 to user aguna4

 -----------------------------------------------------------------------------------------------------------

VERIFIKASI TEST SSH

aguna@R-Juniper-01# run ssh aguna4@172.16.1.1

Rename Username ( REPLACE)

aguna@R-Juniper-01# edit system log

aguna@R-Juniper-01# replace pattern aguna2 with aguna22

 ---------------------------------------------------------------------------------------------
CONFIGURATION FILE
 root@SRX-01# show | compare ?       
Possible completions:
  <[Enter]>            Execute this command
  <filename>           Filename or URL of configuration file
  config-01-11-2025    Size: 1136, Last changed: Nov 01 14:15:36
  config2-01-11-2025   Size: 1136, Last changed: Nov 01 14:15:41
  config2-01-11-2025_  Size: 1286, Last changed: Nov 01 13:56:04
  rollback             Index of rollback configuration file (0..17)
  |                    Pipe through a command

------------ File Compare ---------
root@SRX-01> file compare file ?
root@SRX-01> file compare files config-01-11-2025 config2-01-11-2025    
root@SRX-01> file compare files config-01-11-2025 config2-01-11-2025 context    
------------ File Copy---------
root@SRX-01> file copy config2-01-11-2025 config2-01-11-2025_temp
root@SRX-01> file list
------------ File Delete---------
root@SRX-01> file delete config2-01-11-2025_temp
root@SRX-01> file list
------------ File Archive ---------
root@SRX-01> file archive source ...

------------  Junos Commit    ---------
root@SRX-01# commit check
root@SRX-01# commit at *2025-12-25 15:00*
root@SRX-01# commit confirmed 5 
root@SRX-01# commit and quite

root@SRX-01> show system commit
>clear system commit
----------------------------------------------------- 
ROUTING STATIK
root@R1# edit routing-options static
root@R1# set  route 2.2.2.2/32 next-hop 12.12.12.2
atau  .....>
root@R1# set routing-options static route 2.2.2.2/32 next-hop 12.12.12.2
root@R2# set routing-options static route 0.0.0.0/0 next-hop 12.12.12.1
---------------------------------------------------------
root@R1#set routing-options static route 2.2.2.2/32 next-hop 12.12.12.2 #(priority, karna prefence default 5)

root@R1#set routing-options static route 2.2.2.2/32 qualified-next-hop 21.21.21.2 preference 6
Nilai Prefence paling rendah akn prioritas
 
VERIFIKASI:
root@R1> show configuration | find "routing"
root@R1> show route protocol static
root@R1> show route terse
root@R3> show interfaces terse | match "ge|lo" | match "inet"
root@R4# show protocols ospf
---------------------------------------------------
SHUTDOWN INTERFACE ge-0/0/0
root@R1# set interfaces ge-0/0/0 disable
root@R1# commit
Mengaktifkan kembali UP (no shut)
root@R2# delete interfaces ge-0/0/0 disable
commit

root@R1# run ping 2.2.2.2 rapid size 1500
PING 2.2.2.2 (2.2.2.2): 1500 data bytes
!!!!!
 ------
aguna1@R-02# show interfaces ge-0/0/0 | display set
set interfaces ge-0/0/0 unit 0 family inet address 192.168.2.254/24
set interfaces ge-0/0/0 unit 0 family inet address 12.12.12.2/30
 
VERIFIKASI:
R-02# run show interfaces terse | except down | match ge-0 
R-02# run show configuration | no-more

R-02# run show configuration | display set | no-more
R-02# show | display set

R-02> show configuration interfaces ge-0/0/0     
R-02> show configuration interfaces ge-0/0/0 | display set
R-02> show configuration protocols bgp | display set
R-02> show configuration | display set

Sebelumnya IP add nya sudah diconfig, ternyata salah, kita mau IP ini di edit. Sebelum di edit, kita Verifikasi dulu.

VERIFIKASI:
R-02#  run show configuration interfaces ge-0/0/1 | display set
R-02# set interfaces ge-0/0/1 unit 0 family inet address 192.168.1.254/24

Kemudian, kita lakukan edit
R-02#  edit interfaces ge-0/0/1
R-02#  insert unit 0 family inet address 192.168.2.254/24

aguna@R-Juniper-02# commit
commit complete

R-02# insert interfaces ge-0/0/1 unit 0 family inet address 192.168.3.254/24 before address 192.168.2.254/24 

Kemudian Edit IP

 Misalnya IP sebelumnya 192.168.22.254/24, diganti ke IP 192.168.2.254/24

root@R-02#edit interfaces ge-0/0/1 unit 0 family inet
root@R-02# edit address 192.168.22.254/24
root@R-02# commit

Hapus IP Interface
root@R-02# delete interfaces ge-0/0/1 unit 0 family inet address 192.168.2.254/24
root@R-02# commit
-----------------------------------------------------------------------------
Backup & Restore Configurasi
Backup
aguna@R-Juniper-01# save config-17-07-2024
Wrote 34 lines of configuration to 'config-17-07-2024'
aguna@R-Juniper-01# run file list
/var/home/aguna/:
.ssh/
config-17-07-2024
--------------------------------------------------------------------
Restore
aguna@R-Juniper-01# load override config-17-07-2024
aguna@R-Juniper-01# commit

aguna@R-Juniper-01# load merge config-17-07-2024

Kalau pake merge ini artinya backup file konfigurasi  lama, ditambahn konfigurasi yg barusan sdh ditambhakan dan sdh commit. Artinya menggabungkan file konfigurasi lama dgn konfigurasi tambahan yg tentunya sdh dicommit.
 ---------------------------------------------------------
------BACKUP CONFIG Junos ---------------
root@R7#set system archival configuration transfer-interval 1440
root@R7#set system archival configuration archive-sites sftp://admin@192.168.31.254/Backup_Juniper password [password server]

#show system archival

Posting Komentar untuk "Juniper | Junos-JCNA Day-1"

Posting Komentar