Juniper Networks 5000 manual Transparent Mode, Route Mode, Operational Modes

Page 30

Chapter 3 Configuring the Device

OPERATIONAL MODES

The NetScreen-5000 Series supports two operational modes: Transparent and Route. The default mode is Route.

Transparent Mode

In Transparent mode, a NetScreen-5000 Series systems operates as a Layer-2 bridge. Because the device cannot translate packet IP addresses, it cannot perform Network Address Translation (NAT). Consequently, for the device to access the Internet, any IP address in your trusted (local) networks must be routable and accessible from untrusted (external) networks.

In Transparent mode, the IP addresses for the Layer-2 Trust and Untrust zones are 0.0.0.0, thus making the NetScreen-5000 Series system invisible to the network. However, the device can still perform firewall, VPN, and traffic management according to configured security policies.

Route Mode

In Route mode, a NetScreen-5000 Series system operates at Layer 3. Because you can configure each interface using an IP address and subnet mask, you can configure individual interfaces to perform NAT.

When the interface performs NAT services, the NetScreen-5000 Series system translates the source IP address of each outgoing packet into the IP address of the untrusted interface. It also replaces the source port number with a randomly-generated value.

When the interface does not perform NAT services, the source IP address and port number in each packet header remain unchanged. Therefore, to reach the Internet your local hosts must have routable IP addresses.

For more information on NAT, see the NetScreen Concepts & Examples ScreenOS Reference Guide.

22

User’s Guide

Page 29 Page 31
Image 30
Page 29 Page 31
Contents NETSCREEN-5000 Series Copyright Notice Table of Contents Servicing the Device IX-I Table of Contents Preface Guide OrganizationCommand Line Interface CLI Conventions Juniper Networks Netscreen PublicationsOverview1 NetScreen-5200 NetScreen-5400NETSCREEN-5000 Series NetScreen-5200 Power Recommendations NetScreen-5400 Power RecommendationsPower Supplies DC Power Supply AC Power SupplyFAN Modules NETSCREEN-5000 ModulesManagement Modules 5000-M Management Module5000-M2 Management Module Secure Port Modules 5000-8G SPM5000-2G24FE SPM 5000-8G2 SPM 5000-2XGE SPM Part Number Description Distance Fiber TypeOverview User’s Guide Installing the Device General Installation Guidelines Equipment Rack Installation GuidelinesNetScreen-5200 Front and Rear Mount Mounting the NETSCREEN-5000 SeriesNetScreen-5200 Mid-Mount NetScreen-5400 Front MountInstalling and Connecting the AC Power Supply Installing and Wiring a DC Power Supply48V COMThumbscrew Power Connecting the NETSCREEN-5000 Series to a Router or Switch Establishing AN HA ConnectionInstalling the Device User’s Guide Configuring the Device Transparent Mode Route ModeOperational Modes NetScreen-5200 Interfaces NETSCREEN-5000 InterfacesConfigurable Interfaces NetScreen-5400 InterfacesPerforming Initial Connection and Configuration Establishing a Terminal Emulator ConnectionUpgrading the Firmware During the Boot Process Viewing Current Interface Settings Changing Your Admin Name and PasswordSetting Port and Interface IP Addresses Setting the IP Address of the Management InterfaceSetting the IP Address for the Trust Zone Interface Setting the IP Address for the Untrust Zone InterfaceStarting a Console Session Using Telnet Configuring the Device for Telnet and Webui SessionsAllowing Outbound Traffic Starting a Console Session Using Dialup Establishing a GUI Management SessionConfiguring the Chassis Alarm Http//10.100.2.183Configuring Jumbo Frames Configuring Aggregate InterfacesUsing CLI Commands to Reset the Device Following CLI command unset admin device-resetPress the y key Following message appears Servicing the Device Replacing a DC Power Supply Removing and Reseating ModulesReplacing AN AC Power Supply Replacing the FAN ModuleNetScreen-5200 Fan Module NetScreen-5200 Fan Tray Filter Remove the fan tray See NetScreen-5200 Fan Module onNetScreen-5400 Fan Module Replacing the Fan Module NetScreen-5400 Fan Tray Filter Remove the fan tray See NetScreen-5400 Fan Module onConnecting and Disconnecting Gigabit Ethernet Cables Removing and Installing a MINI-GBIC TransceiverServicing the Device User’s Guide Specifications NETSCREEN-5400 Attributes Electrical SpecificationNETSCREEN-5200 Attributes EnvironmentalNebs Certifications Safety CertificationsConnectors EMI CertificationsAppendix a Specifications Port Descriptions and LED Status B Module Port Descriptions MGTModule LED Descriptions Following table details the ports on the 5000-8G2 SPMInterpreting Status LEDs for the Management Modules Status LED StatesInterpreting Status LEDs for the Secure Port Module Interpreting Ethernet Port Status LEDs for All ModulesPower Supply Leds Interpreting Power Supply LED Status for the NetScreen-5200Interpreting Power Supply LED Status for the NetScreen-5400 Single SPM InstalledFAN LED Viii Index IX-II
Top Page Image Contents