Screen OS

Hello Evryone , 

I want to creat 2500 address book enties in Juniper Firewall Model:- NS5400 .

Can i do it in this model is there any kind of limitation or a chance firewall getting in hung state while creating it .

I am trying to copy it from a notepad to netscreen fw all at once .

command  -

set address trust username 10.x.x.x 255.255.255.255
 

Thanks for your reply .

=================

Hello.

I'd be weary in copy/pasting such a large output into the CLI.  If there's any hiccup, then it could get ugly.

I suggest creating a text file with the addresses you want, then tftp to the firewall.

save config from tftp x.x.x.x filename.txt merge

Can you login to the CLI?

get sys-cfg | inc total.max.addr|max.entries

 This is from our ISG2000:

ISG2000 -> get sys-cfg | inc total.max.addr|max.entries
total max address book entries number: 20000  << maximum # of address objects supported
total max addr group allowed number: 1024  << maximum # of address groups supported
max entries allowed per group number: 512 << maximum # of address objects per address group

Regards,

Sam

Hi Sam

Thanks for your reply ,

it supports up to 40,000 address book entries ,

I will be merging config  , I need to import this device config in NSM also , NSM version 2010.3

will there be any issue if i do "Import Device Config" in NSM .

Thanks for your reply again .

======================

Ah.  Our beloved NSM 

If the device is already in NSM, then I would discourage you from re-importing into NSM.  If you do, you will see duplicate entries with "_1" appended to all kinds of objects.

If you have a 'lab' firewall or a spare 5000, then you can do very minimal config on that firewall, apply the address objects and import. 

Alternatively, you can follow http://kb.juniper.net/InfoCenter/index?page=content&id=KB13551, Mass Service and Address object import for NSM.  KB mentions NS25, but won't affect importing address objects into NSM.

Regards,

Sam