【正文】 description ether0/0 number 0, if_info 0, if_index 0, mode route link inactive, phylink up/fullduplex vsys Root, zone Trust, vr trustvr, vsd 0 dhcp client disabled PPPoE disabled admin mtu 0, operating mtu 1500, default mtu 1500 *ip manage ip , mac routedeny disable bandwidth: physical 100000kbps, configured egress [gbw 0kbps mbw 0kbps] configured ingress mbw 0kbps, current bw 0kbps total allocated gbw 0kbps …… 1． Check the basic information on firewall： (cont) 26 Copyright 169。 2022 Juniper Networks, Inc. Proprietary and Confidential 2． Check the log and alarms： SSG520(B) get event level emergency (alert/critical/error) Date Time Module Level Type Description 20220623 22:17:00 system warn 00515 Admin user zte has logged on via Tel from :1127 20220623 21:43:09 system warn 00515 Admin user zte has logged on via Tel from :1114 20220623 21:43:02 system warn 00515 Login attempt to system by admin screen via Tel from : 1114 has failed …… Note: This mand show us the log for level 03(the highest is emergency, etc) alarms messages. The debug mands in mon used 27 Copyright 169。 2022 Juniper Networks, Inc. Proprietary and Confidential 3． Check the interfaces status： SSG520(M) get interface A Active, I Inactive, U Up, D Down, R Ready Interfaces in vsys Root: Name IP Address Zone MAC VLAN State VSD eth0/0 eth0/1 eth0/2 eth0/3 vlan1 null Note: The interfaces state of master device would be display “U”, The interfaces status of backup device would be display “I”. The debug mands in mon used 28 Copyright 169。 2022 Juniper Networks, Inc. Proprietary and Confidential 4． Check the CPU utilization per cent ： SSG520(M) get performance cpu Average System Utilization: 2% Last 1 minute: 2%, Last 5 minutes: 2%, Last 15 minutes: 2% Note: No more than 50%! The debug mands in mon used 29 Copyright 169。 2022 Juniper Networks, Inc. Proprietary and Confidential 5． Check the memory utilization per cent ： SSG520(M) get memory Memory: allocated 62977360, left 663283264, frag 96 Note: No more than 90%. 6． Check the sessions amount： SSG520(M) get session info alloc 245/max 64064, alloc failed 0, mcast alloc 0, di alloc failed 0 total reserved 0, free sessions in shared pool 63819 Note: No more than 50%. The debug mands in mon used 30 Copyright 169。 2022 Juniper Networks, Inc. Proprietary and Confidential 7． Check the NSRP master/backup status ： SSG520(M) get nsrp vsd all VSD group info: init hold time: 5 heartbeat lost threshold: 3 heartbeat interval: 1000(ms) master always exist: disabled group priority preempt holddown inelig master PB other members 0 100 no 3 no myself 4408448 total number of vsd groups: 1 Total iteration=16610418,time=3247494099,max=678661,min=1824,average=195 vsd group id: 0, member count: 2, master: 4409856 member information: group unit_id state prio flag rto_peer hb miss holddown 0 4408448 primary backup 120 0 0 0 0 0 0 4409856 master 100 0 0 0 0 0 The debug mands in mon used 31 Copyright 169。 2022 Juniper Networks, Inc. Proprietary and Confidential 8． Password recovery(restore to default setting)： 1. Use the “get system” mand and write down the serial number。 2. Login the device by user name/password: SN/SN。 3. Restore the backup configure file from tftp server。 4. Save the configure file. Notice: If you run the password recovery, all configure mand on the device would be lost! The debug mands in mon used 32 Copyright 169。 2022 Juniper Networks, Inc. Proprietary and Confidential More information in the juniper web site: Copyright 169。 2022 Juniper Networks, Inc. Proprietary and Confidential 33 Qamp。A MSN: Mail: