一、CP防火墙配置
配置VPN出接口IP地址,选择公网ip地址
配置感兴趣流
下载本地CA证书
Subject: O=SMS1..7ey4ky
Issuer: O=SMS1..7ey4ky
Not Valid Before: Sun Mar 7 11:04:19 2021 Local Time
Not Valid After: Fri Jan 1 11:14:07 2038 Local Time
Serial No.: 1
Public Key: RSA (2048 bits)
Signature: RSA with SHA256
Key Usage:
digitalSignature
keyCertSign
cRLSign
Basic Constraint:
is CA
MD5 Fingerprint:
89:1D:94:81:C8:72:70:14:20:B8:A6:FF:8B:8E:90:C0
SHA-1 Fingerprints:
1. E8:3E:D9:E2:9A:4E:6C:3C:11:B8:18:1A:61:16:D8:0F:59:FE:F1:9F
2. TEAM WALT DUSK POE TACT IRA EM MUST BED NAVE CUNY BIN
二、SRX配置
root@srx> show configuration | display set
set version 12.1X47-D20.7
set system host-name srx
set system domain-name juniper.net
set system time-zone Asia/Shanghai
set system root-authentication encrypted-password "$1$/EKKtycn$Y22bjGYaqbFvedXmBgoEo/"