Juniper Networks 5000 manual Setting the IP Address for the Trust Zone Interface

Page 36

Chapter 3 Configuring the Device

For example, to set the IP address and subnet mask of the MGT interface to 10.100.2.183 and 16, respectively:

set interface mgt ip 10.100.2.183/16

3.To confirm the new port settings, execute the following command: get interface mgt

Setting the IP Address for the Trust Zone Interface

The NetScreen-5000 Series system usually communicates with your protected network through an interface bound to the Trust zone. To allow an interface to communicate with internal devices, you must assign it the IP address and subnet mask for your protected network.

To set up the ethernet2/2 interface to communicate with your trusted network:

1.Determine the IP address and subnet mask of your trusted network.

2.Set the ethernet2/2 interface to the Trust zone by executing the following command:

set interface ethernet2/2 zone trust

3.Set the IP address and subnet mask by executing the following command: set interface ethernet2/2 ip ip_addr/mask

where ip_addr is the IP address and mask is the subnet mask. For example, to set the IP address and subnet mask of the ethernet2/2 interface to 10.250.2.1/16:

set interface ethernet2/2 ip 10.250.2.1/16

4.(Optional) To confirm the new port settings, execute the following command: get interface ethernet2/2

Setting the IP Address for the Untrust Zone Interface

The NetScreen-5000 Series system usually communicates with external (untrusted) devices through an interface bound to the Untrust zone. To allow an interface to communicate with external devices, you must assign it a public IP address.

To set up the ethernet2/3 interface to communicate with external devices:

1.Choose an unused public IP address and subnet mask.

2.Set the ethernet2/3 interface to the Untrust zone by executing the following command:

set interface ethernet2/3 zone untrust

28	User’s Guide

Image 36

Contents NETSCREEN-5000 Series Copyright Notice Table of Contents Servicing the Device IX-I Table of Contents Preface Guide OrganizationCommand Line Interface CLI Conventions Juniper Networks Netscreen PublicationsOverview1 NetScreen-5200 NetScreen-5400NETSCREEN-5000 Series NetScreen-5200 Power Recommendations NetScreen-5400 Power RecommendationsPower Supplies DC Power Supply AC Power SupplyFAN Modules NETSCREEN-5000 ModulesManagement Modules 5000-M Management Module5000-M2 Management Module Secure Port Modules 5000-8G SPM5000-2G24FE SPM 5000-8G2 SPM 5000-2XGE SPM Part Number Description Distance Fiber TypeOverview User’s Guide Installing the Device General Installation Guidelines Equipment Rack Installation GuidelinesNetScreen-5200 Front and Rear Mount Mounting the NETSCREEN-5000 SeriesNetScreen-5200 Mid-Mount NetScreen-5400 Front MountInstalling and Connecting the AC Power Supply Installing and Wiring a DC Power Supply48V COMThumbscrew Power Connecting the NETSCREEN-5000 Series to a Router or Switch Establishing AN HA ConnectionInstalling the Device User’s Guide Configuring the Device Transparent Mode Route ModeOperational Modes NetScreen-5200 Interfaces NETSCREEN-5000 InterfacesConfigurable Interfaces NetScreen-5400 InterfacesPerforming Initial Connection and Configuration Establishing a Terminal Emulator ConnectionUpgrading the Firmware During the Boot Process Changing Your Admin Name and Password Setting Port and Interface IP AddressesViewing Current Interface Settings Setting the IP Address of the Management InterfaceSetting the IP Address for the Trust Zone Interface Setting the IP Address for the Untrust Zone InterfaceStarting a Console Session Using Telnet Configuring the Device for Telnet and Webui SessionsAllowing Outbound Traffic Starting a Console Session Using Dialup Establishing a GUI Management SessionConfiguring the Chassis Alarm Http//10.100.2.183Configuring Jumbo Frames Configuring Aggregate InterfacesUsing CLI Commands to Reset the Device Following CLI command unset admin device-resetPress the y key Following message appears Servicing the Device Replacing a DC Power Supply Removing and Reseating ModulesReplacing AN AC Power Supply Replacing the FAN ModuleNetScreen-5200 Fan Module NetScreen-5200 Fan Tray Filter Remove the fan tray See NetScreen-5200 Fan Module onNetScreen-5400 Fan Module Replacing the Fan Module NetScreen-5400 Fan Tray Filter Remove the fan tray See NetScreen-5400 Fan Module onConnecting and Disconnecting Gigabit Ethernet Cables Removing and Installing a MINI-GBIC TransceiverServicing the Device User’s Guide Specifications Electrical Specification NETSCREEN-5200 AttributesNETSCREEN-5400 Attributes EnvironmentalSafety Certifications ConnectorsNebs Certifications EMI CertificationsAppendix a Specifications Port Descriptions and LED Status B Module Port Descriptions MGTModule LED Descriptions Following table details the ports on the 5000-8G2 SPMInterpreting Status LEDs for the Management Modules Status LED StatesInterpreting Status LEDs for the Secure Port Module Interpreting Ethernet Port Status LEDs for All ModulesInterpreting Power Supply LED Status for the NetScreen-5200 Interpreting Power Supply LED Status for the NetScreen-5400Power Supply Leds Single SPM InstalledFAN LED Viii Index IX-II