Default Device Settings
This section describes the default settings and operation of an SSG 20 device.
Table 5 shows the default zone bindings for ports on the devices.
Table 5: Default Physical Interface to Zone Bindings
Port Label | Interface | Zone |
|
|
|
10/100 Ethernet ports: |
|
|
|
|
|
0/0 | ethernet0/0 | Untrust |
|
|
|
0/1 | ethernet0/1 | DMZ |
|
|
|
0/2 | bgroup0 (ethernet0/2) | Trust |
|
|
|
0/3 | bgroup0 (ethernet0/3) | Trust |
|
|
|
0/4 | bgroup0 (ethernet0/4) | Trust |
|
|
|
AUX | serial0/0 | Null |
|
| |
WAN mini PIM ports (x = mini PIM slot 1 or 2): |
| |
|
|
|
ADSL2/2+ (Annex A) | adsl(x/0) | Untrust |
|
|
|
ADSL2/2+ (Annex B) | adsl(x/0) | Untrust |
|
|
|
T1 | serial(x/0) | Untrust |
|
|
|
E1 | serial(x/0) | Untrust |
|
|
|
ISDN | bri(x/0) | Untrust |
|
|
|
V.92 | serial(x/0) | Null |
|
|
|
A bridge group (bgroup) is designed to allow network users to switch between wired and wireless traffic without having to reconfigure or reboot the device. By default, the ethernet0/2 — ethernet0/4 interfaces, labeled as ports 0/2 — 0/4 on the device, are grouped together as the bgroup0 interface, have the IP address 192.168.1.1/24, and are bound to the Trust security zone. You can configure up to four bgroups.
If you want to set an Ethernet or a wireless interface into a bgroup, you must first make sure that the Ethernet or wireless interface is in the Null security zone. Unsetting the Ethernet or wireless interface that is in a bgroup places the interface in the Null security zone. Once assigned to the Null security zone, the Ethernet interface can be bound to a security zone and assigned a different IP address.
Default Device Settings 31