Juniper Networks 200 Series manual Transparent Mode, Route Mode, Operational Modes

Page 22

Chapter 3 Configuring the Device

OPERATIONAL MODES

The NetScreen-200 Series device supports two device modes: Transparent mode and Route mode. The default mode is Route.

Transparent Mode

In Transparent mode, the NetScreen-200 device operates as a Layer-2 bridge. Because the device cannot translate packet IP addresses, it cannot perform Network Address Translation (NAT). Consequently, for the device to access the Internet, any IP address in your trusted (local) networks must be routable and accessible from untrusted (external) networks.

In Transparent mode, the IP addresses for the Layer-2 Trust and Untrust zones are 0.0.0.0, thus making the NetScreen device invisible to the network. However, the device can still perform firewall, VPN, and traffic management according to configured security policies.

Route Mode

In Route mode, the NetScreen-200 device operates at Layer 3. Because you can configure each interface using an IP address and subnet mask, you can configure individual interfaces to perform NAT.

When the interface performs NAT services, the device translates the source IP address of each outgoing packet into the IP address of the untrusted port. It also replaces the source port number with a randomly-generated value.

When the interface does not perform NAT services, the source IP address and port number in each packet header remain unchanged. Therefore, to reach the Internet your local hosts must have routable IP addresses.

For more information on NAT, see the NetScreen Concepts & Examples ScreenOS Reference Guide.

Note: Performing the setup instructions below configures your device in Route mode. To configure your device in Transparent mode, see the NetScreen Concepts & Examples ScreenOS Reference Guide.

16

User’s Guide

Page 21 Page 23
Image 22
Page 21 Page 23
Contents NETSCREEN-200 Series Copyright Notice Contents IX-I Preface Guide OrganizationCommand Line Interface CLI Conventions Juniper Networks Netscreen PublicationsOverview1 NetScreen-208 Device NetScreen-204 DeviceNETSCREEN-200 Systems System Status LED Display Front PanelAsset Recovery Pinhole AlarmConsole and Modem Ports Compact Flash Card SlotEthernet Interfaces Power SuppliesRear Panel Power Fuse Overview User’s Guide Installing the Device General Installation Guidelines Equipment Rack Installation GuidelinesPerforming EQUIPMENT-RACK Installation Front Mount Connecting the PowerMid-Mount Wiring a DC Power Supply Connecting the NETSCREEN-200 Device to Other Devices Installing the Device User’s Guide Configuring the Device Route Mode Transparent ModeOperational Modes NETSCREEN-200 Series Device Interfaces Ethernet1 through ethernet8Connecting the Device AS a Single Security Gateway Connectivity ExamplesPerforming Device Connection Establishing AN HA Connection Between Devices DeviceDevice Performing Initial Connection and Configuration Establishing a Terminal Emulator ConnectionChanging Your Admin Name and Password Setting Port and Interface IP AddressesSetting the IP Address of the Management Interface Starting a Console Session Using Telnet Configuring the Device for Telnet and Webui SessionsStarting a Console Session Using Dialup Establishing a GUI Management SessionNetScreen WebUI application window appears Using CLI Commands to Reset the Device Asset RecoveryUsing the Asset Recovery Pinhole to Reset the Device Configuring the Device User’s Guide Specifications NETSCREEN-200 Attributes Electrical SpecificationSafety Certifications EnvironmentalIndex IX-II
Top Page Image Contents