Juniper Networks 5000 manual Starting a Console Session Using Telnet, Allowing Outbound Traffic

Page 37

Configuring the Device for Telnet and WebUI Sessions

3.Set the IP address and subnet mask by executing the following command: set interface ethernet2/3 ip ip_addr/mask

where ip_addr is the IP address and mask is the subnet mask. For example, to set the IP address and subnet mask of the ethernet2/3 interface to 172.16.20.1/16:

set interface ethernet2/3 ip 172.16.20.1/16

4.(Optional) To confirm the new interface settings, execute the following command:

get interface ethernet2/3

Allowing Outbound Traffic

By default, the NetScreen-5000 Series system does not allow inbound or outbound traffic, nor does it allow traffic to or from the DMZ. To permit (or deny) traffic, you must create access policies.

The following CLI command creates an access policy that permits all kinds of outbound traffic, from any host in your trusted LAN to any device on the untrusted network.

set policy from trust to untrust any any any permit

Save your access policy configuration with the following command:

save

Important: Your network might require a more restrictive policy than the one created in the example above. The example is NOT a requirement for initial configuration. For detailed information about access policies, see the NetScreen Concepts & Examples ScreenOS Reference Guide.

CONFIGURING THE DEVICE FOR TELNET AND WEBUI SESSIONS

In addition to terminal emulator programs, you can use Telnet (or dialup) to establish console sessions with a NetScreen-5000 Series system. You can also start management sessions using the NetScreen WebUI, a web-based GUI management application.

Starting a Console Session Using Telnet

To establish a Telnet session with the NetScreen-5000 Series system:

1.Connect an RJ-45 cable from the MGT interface to the internal switch, router, or hub in your LAN.

2.Open a Telnet session, specifying the current MGT interface IP address. For example, in Windows, click Start > Run, enter telnet ip_addr (where ip_addr is the address of the MGT interface), then click OK.

NetScreen-5000 Series

29

Image 37

Contents NETSCREEN-5000 Series Copyright Notice Table of Contents Servicing the Device IX-I Table of Contents Guide Organization PrefaceJuniper Networks Netscreen Publications Command Line Interface CLI ConventionsOverview1 NetScreen-5400 NetScreen-5200NETSCREEN-5000 Series NetScreen-5400 Power Recommendations NetScreen-5200 Power RecommendationsPower Supplies AC Power Supply DC Power SupplyNETSCREEN-5000 Modules FAN Modules5000-M Management Module Management Modules5000-M2 Management Module 5000-8G SPM Secure Port Modules5000-2G24FE SPM 5000-8G2 SPM Part Number Description Distance Fiber Type 5000-2XGE SPMOverview User’s Guide Installing the Device Equipment Rack Installation Guidelines General Installation GuidelinesMounting the NETSCREEN-5000 Series NetScreen-5200 Front and Rear MountNetScreen-5400 Front Mount NetScreen-5200 Mid-MountInstalling and Wiring a DC Power Supply Installing and Connecting the AC Power Supply48V COMThumbscrew Power Establishing AN HA Connection Connecting the NETSCREEN-5000 Series to a Router or SwitchInstalling the Device User’s Guide Configuring the Device Route Mode Transparent ModeOperational Modes NETSCREEN-5000 Interfaces NetScreen-5200 InterfacesNetScreen-5400 Interfaces Configurable InterfacesEstablishing a Terminal Emulator Connection Performing Initial Connection and ConfigurationUpgrading the Firmware During the Boot Process Setting Port and Interface IP Addresses Changing Your Admin Name and PasswordViewing Current Interface Settings Setting the IP Address of the Management InterfaceSetting the IP Address for the Untrust Zone Interface Setting the IP Address for the Trust Zone InterfaceConfiguring the Device for Telnet and Webui Sessions Starting a Console Session Using TelnetAllowing Outbound Traffic Establishing a GUI Management Session Starting a Console Session Using DialupHttp//10.100.2.183 Configuring the Chassis AlarmConfiguring Aggregate Interfaces Configuring Jumbo FramesFollowing CLI command unset admin device-reset Using CLI Commands to Reset the DevicePress the y key Following message appears Servicing the Device Removing and Reseating Modules Replacing a DC Power SupplyReplacing the FAN Module Replacing AN AC Power SupplyNetScreen-5200 Fan Module Remove the fan tray See NetScreen-5200 Fan Module on NetScreen-5200 Fan Tray FilterNetScreen-5400 Fan Module Replacing the Fan Module Remove the fan tray See NetScreen-5400 Fan Module on NetScreen-5400 Fan Tray FilterRemoving and Installing a MINI-GBIC Transceiver Connecting and Disconnecting Gigabit Ethernet CablesServicing the Device User’s Guide Specifications NETSCREEN-5200 Attributes Electrical SpecificationNETSCREEN-5400 Attributes EnvironmentalConnectors Safety CertificationsNebs Certifications EMI CertificationsAppendix a Specifications Port Descriptions and LED Status B MGT Module Port DescriptionsFollowing table details the ports on the 5000-8G2 SPM Module LED DescriptionsStatus LED States Interpreting Status LEDs for the Management ModulesInterpreting Ethernet Port Status LEDs for All Modules Interpreting Status LEDs for the Secure Port ModuleInterpreting Power Supply LED Status for the NetScreen-5400 Interpreting Power Supply LED Status for the NetScreen-5200Power Supply Leds Single SPM InstalledFAN LED Viii Index IX-II