request system software add /cf/var/tmp/junos-srxsme-12.1X46-D55.3-domestic.tgz no-validate reboot
for usb;
loader> install file:///jinstall-ex-3300-15.1R5.5-domestic-signed.tgz (file name)
For Partition
run show system snapshot media internal
run request system snapshot all-members
run request system snapshot slice alternate
Cisco
#delete flash:vlan.dat
#write erase
#reload after that we dont save this configuration. If I save this configuration it come back last startup configuration
at CİSCO
show usbflash0:
dir usbflash0:
copy usbflash0:cat3k_caa-universalk9.SPA.03.06.06.E.152-2.E6.bin flash:” to upgrade to the last IOS.
software install file flash:cat3k_caa-universalk9.SPA.03.06.06.E.152-2.E6.bin
or
boot system flash: cat3k_caa-universalk9.SPA.03.06.06.E.152-2.E6.bin
Ssh Loing Block;
set system login retry-options tries-before-disconnect 2 {This is the no. of times that a user is allowed to try password}
set system login retry-options backoff-threshold 2 {This is no. of password failures before delay is in effect}
set system login retry-options backoff-factor 5 {After backoff-threshold is in effect the user is blocked for 5 seconds}
set system login retry-options minimum-time 20 {As user gets prompt to enter user/pass, he/she has 20 seconds to enter it}
Permit Ssh from Local ip address
set interfaces lo0 unit 0 family inet filter input local_acl
set interfaces lo0 unit 0 family inet address 127.0.0.1/32
set firewall family inet filter local_acl term terminal_access from address 172.16.0.0/12( you just access with this ip range)
set firewall family inet filter local_acl term terminal_access from protocol tcp
set firewall family inet filter local_acl term terminal_access from port ssh
set firewall family inet filter local_acl term terminal_access from port telnet
set firewall family inet filter local_acl term terminal_access from port https
set firewall family inet filter local_acl term terminal_access from port http
set firewall family inet filter local_acl term terminal_access then accept
set firewall family inet filter local_acl term terminal_access_denied from protocol tcp
set firewall family inet filter local_acl term terminal_access_denied from port ssh
set firewall family inet filter local_acl term terminal_access_denied from port telnet
set firewall family inet filter local_acl term terminal_access_denied from port http
set firewall family inet filter local_acl term terminal_access_denied from port https
set firewall family inet filter local_acl term terminal_access_denied then log
set firewall family inet filter local_acl term terminal_access_denied then reject
set firewall family inet filter local_acl term default-term then accept
Cisco
#delete flash:vlan.dat
#write erase
#reload after that we dont save this configuration. If I save this configuration it come back last startup configuration
at CİSCO
show usbflash0:
dir usbflash0:
copy usbflash0:cat3k_caa-universalk9.SPA.03.06.06.E.152-2.E6.bin flash:” to upgrade to the last IOS.
software install file flash:cat3k_caa-universalk9.SPA.03.06.06.E.152-2.E6.bin
or
boot system flash: cat3k_caa-universalk9.SPA.03.06.06.E.152-2.E6.bin
software auto-upgrade enable
copy tftp: flash:
copy startup-config ftp:
---
dir flash:
boot flash:c2950-i6q4l2-mz.121-13.EA1.bin
NEXUS
switch# install all kickstart bootflash:n7000-s1-kickstart.4.2.1.bin system bootflash:n7000-s1-dk9.4.2.1.bin
copy tftp: flash:
copy startup-config ftp:
---
dir flash:
boot flash:c2950-i6q4l2-mz.121-13.EA1.bin
NEXUS
switch# install all kickstart bootflash:n7000-s1-kickstart.4.2.1.bin system bootflash:n7000-s1-dk9.4.2.1.bin
Ssh Loing Block;
set system login retry-options tries-before-disconnect 2 {This is the no. of times that a user is allowed to try password}
set system login retry-options backoff-threshold 2 {This is no. of password failures before delay is in effect}
set system login retry-options backoff-factor 5 {After backoff-threshold is in effect the user is blocked for 5 seconds}
set system login retry-options minimum-time 20 {As user gets prompt to enter user/pass, he/she has 20 seconds to enter it}
Permit Ssh from Local ip address
set interfaces lo0 unit 0 family inet filter input local_acl
set interfaces lo0 unit 0 family inet address 127.0.0.1/32
set firewall family inet filter local_acl term terminal_access from address 172.16.0.0/12( you just access with this ip range)
set firewall family inet filter local_acl term terminal_access from protocol tcp
set firewall family inet filter local_acl term terminal_access from port ssh
set firewall family inet filter local_acl term terminal_access from port telnet
set firewall family inet filter local_acl term terminal_access from port https
set firewall family inet filter local_acl term terminal_access from port http
set firewall family inet filter local_acl term terminal_access then accept
set firewall family inet filter local_acl term terminal_access_denied from protocol tcp
set firewall family inet filter local_acl term terminal_access_denied from port ssh
set firewall family inet filter local_acl term terminal_access_denied from port telnet
set firewall family inet filter local_acl term terminal_access_denied from port http
set firewall family inet filter local_acl term terminal_access_denied from port https
set firewall family inet filter local_acl term terminal_access_denied then log
set firewall family inet filter local_acl term terminal_access_denied then reject
set firewall family inet filter local_acl term default-term then accept
Hiç yorum yok:
Yorum Gönder