After factory reset



  • Dear all,
              After i reset the firewall ( by pressing the pinhole ), fireewall restart after that unable to browse with default ip 192.168.1.1
    , how to change back the setting can let me browse by using 192.168.1.1 , please help , config as below , thank you .
    get config

    Total Config size 2273:
    set clock timezone 0
    set vrouter trust-vr sharable
    unset vrouter “trust-vr” auto-route-export
    set auth-server “Local” id 0
    set auth-server “Local” server-name "Local"
    set auth default auth server "Local"
    set admin name "netscreen"
    set admin password "nKVUM2rwMUzPcrkG5sWIHdCtqkAibn"
    set admin auth timeout 10
    set admin auth server "Local"
    set admin format dos
    set zone “work” vrouter "trust-vr"
    set zone “Untrust” vrouter "trust-vr"
    set zone “home” vrouter "trust-vr"
    set zone “VLAN” vrouter "trust-vr"
    set zone “work” tcp-rst
    set zone “Untrust” block
    unset zone “Untrust” tcp-rst
    set zone “MGT” block
    set zone “home” tcp-rst
    set zone “VLAN” block
    set zone “VLAN” tcp-rst
    set zone “Untrust” screen tear-drop
    set zone “Untrust” screen syn-flood
    set zone “Untrust” screen ping-death
    set zone “Untrust” screen ip-filter-src
    set zone “Untrust” screen land
    set zone “V1-Untrust” screen tear-drop
    set zone “V1-Untrust” screen syn-flood
    set zone “V1-Untrust” screen ping-death
    set zone “V1-Untrust” screen ip-filter-src
    set zone “V1-Untrust” screen land
    set interface “ethernet1” zone "work"
    set interface “ethernet2” zone "home"
    set interface “ethernet3” zone "Untrust"
    unset interface vlan1 ip
    unset interface vlan1 bypass-others-ipsec
    unset interface vlan1 bypass-non-ip
    set interface ethernet1 dhcp-client enable
    set interface ethernet2 dhcp-client enable
    set interface ethernet3 dhcp-client enable
    set flow tcp-mss
    set hostname ns5gt
    set ike respond-bad-spi 1
    set pki authority default scep mode "auto"
    set pki x509 default cert-path partial
    set policy id 1 from “work” to “Untrust”  “Any” “Any” “ANY” permit
    set policy id 2 from “work” to “home”  “Any” “Any” “ANY” permit
    set policy id 3 from “home” to “Untrust”  “Any” “Any” “ANY” permit
    set policy id 4 from “home” to “work”  “Any” “Any” “ANY” deny
    set global-pro policy-manager primary outgoing-interface ethernet3
    set global-pro policy-manager secondary outgoing-interface ethernet3
    set ssh version v2
    set config lock timeout 5
    set modem speed 115200
    set modem retry 3
    set modem interval 10
    set modem idle-time 10
    set snmp port listen 161
    set snmp port trap 162
    set vrouter "untrust-vr"
    exit
    set vrouter "trust-vr"
    unset add-default-route
    exit
    ns5gt->



  • Dear all,
              i manage to use web browser to access , by changing from home-work to trust-untrust mode ,thank you .


  • Engineer

    Don’t forget that you can also factory reset a firewall (if you forgot the username / password, or even if you haven’t) by using the serial number as the username and the password.

    Also, the good ol’ ‘unset all’ is a personal favorite.

    Peas.



  • take a console cable
    put it on your netscreen and your workstation
    restart your netscreen
    password/login: netscreen/netscreen
    and you can modify your config with commande line.
    for example, if you want use http into manage netscreen on the ethernet2:
    set interface ethernet2 manage http

    http://www.juniper.net/techpubs/software/screenos/screenos5x/cli_5_0.pdf


 

20
Online

38.4k
Users

12.7k
Topics

44.5k
Posts