Hi Folks,
Please find an example on the same,
Default ethernet switch configuration.
The following procedure shows the default configuration for Ethernet switching on interfaces on a SRX210 device. The factory default configuration includes a predefined VLAN named vlan-trust and a VLAN interface named vlan.0 that is assigned to an IP address of 192.168.1.1/24 and as a Layer 3 interface. The VLAN interface is assigned to the trust security zone, which allows all services and protocols.
1.An internal VLAN (vlan-trust) is defined to allow switching several interfaces:
user@host# set vlans vlan-trust vlan-id 3
Assign a VLAN interface as the Layer 3 interface to the predefined vlan-trust VLAN.:
user@host# set vlans vlan-trust l3-interface vlan.0
2.Configure a VLAN interface with an IP address for the VLAN. For branch deployments, the IP address is typically the gateway address. This layer 3 interface can has an IP address that is reachable from all hosts on its VLAN.
user@host# set interfaces vlan unit 0 family inet address 192.168.1.1/24
3.Assign all physical interfaces except ge-0/0/0 to an interface range with the name interfaces-trust:
user@host# set interfaces interface-range interfaces-trust member ge-0/0/1
user@host# set interfaces interface-range interfaces-trust member fe-0/0/2
user@host# set interfaces interface-range interfaces-trust member fe-0/0/3user@host# set interfaces interface-range interfaces-trust member fe-0/0/4
user@host# set interfaces interface-range interfaces-trust member fe-0/0/5
user@host# set interfaces interface-range interfaces-trust member fe-0/0/6
user@host# set interfaces interface-range interfaces-trust member fe-0/0/7
4.Assign the interface range to the VLAN vlan-trust.
user@host# set interfaces interface-range interfaces-trust unit 0 family ethernet-switching vlan members vlan-trust
5.Assign the VLAN interface to a security zone, and specify allowed host-inbound services and protocols. (It is a firewall, so the interface is mapped to zone trust where all services are enabled.)
user@host# set security zones security-zone trust interfaces vlan.0
user@host#set security zones security-zone trust host-inbound-traffic system-services alluser@host# set security zones security-zone trust host-inbound-traffic protocols all