Juniper
You must first onboard the device in the Administration module.
To export Juniper device configurations, compete the following steps.
ScreenOS, VSYS
- Log in to the device as an administrator using SSH.
- Disable console paging by running the command set console page 0.
- Run the following commands and save the output into the files as listed below.
| Run Command | Save Output As | Information Included |
|---|---|---|
| get interface | interface.txt | Interface settings |
| get route | route.txt | Routing table |
| get config | config.txt | Device configuration |
| get system | system.txt | System information |
| get zone | zone.txt | Security zones |
| get service service-name-from-predefined-list | service.txt |
Info on current entries in service definition list, including ports used. |
| get service pre-defined | service.txt |
For each service name in 'get service pre-defined' response, make additional calls like this: get service ANY, get service AOL, get service MS-AD-BR etc. |
- Place all of these files in a folder named for the device.
The file service.txt is also a required file for your configuration. This file installs with Security Manager; you do not need to export it from your device.
M Series, SRX, EX Series
- Log into the device as an administrator over SSH.
- Disable console paging by running the command set cli screen-length 0.
- Run the following commands and save the output into the files as listed below for the specific device.
| Run Command | Save Output As | Information Included |
|---|---|---|
|
show configuration | display xml | display inheritance | no-more |
config_xml.txt |
Configuration that currently is running |
|
show configuration groups junos-defaults applications | display xml | no-more |
service_xml.txt |
Predefined applications that exist within JunOS |
| show route | display xml | no-more | route_xml.txt | Active entries in the routing tables |
| show interfaces brief |display xml | no-more | interfaces_xml.txt |
Status information and statistics about interfaces |
| Run Command | Save Output As | Information Included |
|---|---|---|
| show route | display xml | no-more | route_xml.txt | Information about all routes in all routing tables, including private, or internal, tables |
| Show configuration | display xml | display inheritance | no-more | config_xml.txt |
The last committed, currently running configuration |
| show interfaces brief | display xml | no-more | interfaces_xml.txt |
Information on all the interfaces of the firewall |
| show configuration groups junos-defaults applications | display xml | no-more | service_xml.txt | Predefined applications that exist within JunOS |
|
show security zones | display xml | no-more |
zones_xml.txt | Information about security zones and which interfaces it is bound to |
|
show configuration security policies | display xml | no-more |
policies_xml.txt |
Security policies listed in the running configuration |
| show version | display xml | no-more | version_xml.txt | System software version |
| Run Command | Save Output As | Information Included |
|---|---|---|
| show route | display xml | no-more | route.txt | Active entries in the routing tables |
|
show configuration | display xml | display inheritance | no-more |
config_xml.txt | Configuration that currently is running |
| show interfaces brief | display xml | no-more | interfaces.txt | Status information and statistics about interfaces |
- Place all of these files in a folder named for the device.
Any non-XML data in the config_xml.txt and service_xml.txt files will produce an error condition. Please open these files and verify that only XML data appears. In the example below, extra data for a PuTTY log was added before and after the configuration XML. This data must be removed before you import the files.
Example:
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2020.10.28 16:59:07 =~=~=~=~=~=~=~=~=~=~=~=
show configuration | display xml
<rpc-reply xmlns:junos="http://xml.juniper.net/junos/11.4R4/junos">
<configuration junos:commit-seconds="1374068400" junos:commit-localtime="2013-07-17 08:40:00 CDT" junos:commit-user="admin">
<configuration XML appears here>
</cli>
</rpc-reply>
admin@FM-srx210>
When show configuration is used, a timestamp appears at the top of the output indicating when the configuration was last changed.
The display xml part of the command gives the output into a xml format and no-more means that the whole output will be placed in the file without the need to hit more to get the complete output for the screen.