execute restore image <firmware_filename> <tftp server ip>
!! Set Default Route
conf router static
edit <some name, like 1>
set gateway <gateway IP>
end
!! Set static route
config router static
edit <some name, usually number>
set device <interface>
set dst <ip> <netmask>
set gateway <ip>
end
execute factoryreset
execute formatlogdisk
Notes:
- 'execute formatlogdisk' formats the optional hard drive
config log syslogd setting
set status enable
set server <ip>
end
Notes:
- For additional syslog servers, replace 'syslogd' with syslogd2 or syslogd3
- Max of 3 syslog servers
config system interface
edit wan1 // Some name
set ip <ip>/<cidr>
set allowaccess ping https ssh !! All protocols needed, usually need ping ssh and https access
end
!! Aggregate interfaces using LACP 802.3AD (example: assign port8 and port9 to \"aggr1\", aggr1 is a name we can make up, then assign IP like above as normal)
config system interface
edit aggr1
set member "port8" "port9"
end
!! Add VLAN to Aggregate or interface (create int aggr1_30 and assign IP and VLAN 30)
configure system interface
edit aggr1_30
set ip <ip>/<cidr>
set interface "aggr1"
set vlanid 30
end
!! Configure a zone (zones are optional, not required unless desired)
config system zone
edit <some zone name>
set interface <interface1> <interface2> <etc>
set intrazone allow // Only enable if needed as it is insecure (allows 2 ints in the same zone talk to each other without a policy)
end
Username: admin
Password: <empty>
config system global
set hostname <hostname>
end
config system dns
set primary <ip>
set secondary <ip>
end
config system global
set admin-sport 8443
set sslvpn-sport 443
end
config admin
edit <username>
set accprofile "super_admin"
set password <password>
set trusthost1 <ip>/<cidr>
set trusthost2 <ip>/<cidr> // Add as many as required
end
set deviceconfig setting logging log-suppression <to enable/disable> !! Roll up logs for a set amount of time (saw <log> 10 times)
set deviceconfig setting logging max-log-rate <max logging rate>
set deviceconfig setting logging max-packet-rate <max packet logging rate>