Juniper Networks 5000 SERIES manual Setting the IP Address for the Trust Zone Interface

Page 36

Chapter 3 Configuring the Device

For example, to set the IP address and subnet mask of the MGT interface to 10.100.2.183 and 16, respectively:

set interface mgt ip 10.100.2.183/16

3.To confirm the new port settings, execute the following command: get interface mgt

Setting the IP Address for the Trust Zone Interface

The NetScreen-5000 Series device usually communicates with your protected network through an interface bound to the Trust zone. To allow an interface to communicate with internal devices, you must assign it the IP address and subnet mask for your protected network.

To set up the ethernet2/2 interface to communicate with your trusted network:

1.Determine the IP address and subnet mask of your trusted network.

2.Set the ethernet2/2 interface to the Trust zone by executing the following command:

set interface ethernet2/2 zone trust

3.Set the IP address and subnet mask by executing the following command: set interface ethernet2/2 ip ip_addr/mask

where ip_addr is the IP address and mask is the subnet mask. For example, to set the IP address and subnet mask of the ethernet2/2 interface to 10.250.2.1/16:

set interface ethernet2/2 ip 10.250.2.1/16

4.(Optional) To confirm the new port settings, execute the following command: get interface ethernet2/2

Setting the IP Address for the Untrust Zone Interface

The NetScreen-5000 Series device usually communicates with external (untrusted) devices through an interface bound to the Untrust zone. To allow an interface to communicate with external devices, you must assign it a public IP address.

To set up the ethernet2/3 interface to communicate with external devices:

1.Choose an unused public IP address and subnet mask.

2.Set the ethernet2/3 interface to the Untrust zone by executing the following command:

set interface ethernet2/3 zone untrust

28	User’s Guide

Image 36

Contents NETSCREEN-5000 Series Copyright Notice Language Contents Language Contents Table of Contents Servicing the Device Index Table of Contents Viii Preface Guide OrganizationCommand Line Interface CLI Conventions Set admin user name1 password xyzJuniper Networks Netscreen Publications Overview1 NetScreen-5200 NetScreen-5400NETSCREEN-5000 Series Power Supplies NetScreen-5200 Power Recommendations NetScreen-5400 Power RecommendationsDC Power Supply AC Power Supply FAN ModulesManagement Modules NETSCREEN-5000 Modules5000-M Management Module 5000-M2 Management Module NetScreen-5000 ModulesSecure Port Modules 5000-8G SPM5000-2G24FE SPM Overview User’s Guide Installing the Device General Installation Guidelines Equipment Rack Installation GuidelinesNetScreen-5200 Front and Rear Mount Mounting the NETSCREEN-5000 SeriesNetScreen-5200 Mid-Mount NetScreen-5400 Front MountInstalling and Connecting the AC Power Supply Installing and Wiring a DC Power Supply48V COMThumbscrew Power Connecting the NETSCREEN-5000 Series to a Router or Switch Establishing AN HA ConnectionInstalling the Device User’s Guide Configuring the Device Transparent Mode Route ModeOperational Modes NetScreen-5200 Interfaces NETSCREEN-5000 InterfacesConfigurable Interfaces NetScreen-5400 Interfaces Performing Initial Connection and Configuration Establishing a Terminal Emulator ConnectionUpgrading the Firmware During the Boot Process Changing Your Admin Name and Password Setting Port and Interface IP AddressesViewing Current Interface Settings Setting the IP Address of the Management InterfaceSetting the IP Address for the Trust Zone Interface Setting the IP Address for the Untrust Zone InterfaceStarting a Console Session Using Telnet Configuring the Device for Telnet and Webui SessionsAllowing Outbound Traffic Starting a Console Session Using Dialup Establishing a GUI Management SessionTelnet Configuring the Chassis Alarm Http//10.100.2.183Get chassis Configuring Aggregate Interfaces Set interface string zone zonenameGet interface Get interface aggregate1 Using CLI Commands to Reset the Device Following CLI command unset admin device-resetPress the y key Following message appears Servicing the Device Replacing a DC Power Supply Removing and Reseating ModulesReplacing AN AC Power Supply Replacing the FAN TrayConnecting and Disconnecting Gigabit Ethernet Cables Removing and Installing a MINI-GBIC Transceiver Servicing the Device User’s Guide Specifications Electrical Specification Environmental SpecificationNETSCREEN-5200 Attributes NETSCREEN-5400 AttributesSafety Certifications ConnectorsNebs Certifications EMI CertificationsAppendix a Specifications User’s Guide Port Descriptions and LED Status B Module Port Descriptions MGTInterpreting Status LEDs for the Management Modules Module LED DescriptionsStatus LED States Interpreting Status LEDs for the Secure Port Module Interpreting Ethernet Port Status LEDs for All ModulesInterpreting Power Supply LED Status for the NetScreen-5200 Interpreting Power Supply LED Status for the NetScreen-5400Power Supply Leds Single SPM InstalledFAN LED Index User’s Guide Table des matières Chapitre Entretien de l’unité Index 103 Table des matières Xii Manuel de l’utilisateur Préface Organisation DU ManuelSet admin user nom1 password xyz Publications Juniper Networks NetscreenPrésentation générale Unité NetScreen-5200 Unité NetScreen-5400Série DE Produits NETSCREEN-5000 Blocs D’ALIMENTATION Bloc d’alimentation CC DELBloc d’alimentation CA Modules DE VentilationModules de gestion Modules NETSCREEN-5000Module de gestion 5000-M Module de gestion 5000-M2 Modules NetScreen-5000Modules de ports sécurisés SPM 5000-8GSPM 5000-2G24FE Chapitre 1 Présentation générale Manuel de l’utilisateur Installation de l’unité Instructions D’INSTALLATION Générales Instructions D’INSTALLATION DE LA Baie DE ÉquipementMontage avant et arrière de l’unité NetScreen-5200 Montage DE L’UNITÉ DE LA Série NETSCREEN-5000Montage à mi-hauteur de l’unité NetScreen-5200 Montage frontal de l’unité NetScreen-5400Installation ET Connexion DU Bloc Dalimentation CA Installation ET Raccordement D’UN Bloc ’ALIMENTATION CDCOM Établissement D’UNE Connexion HA Chapitre 2 Installation de l’unité Manuel de l’utilisateur Configuration de l’unité Mode Transparent Mode RouteModes DE Fonctionnement Interfaces NetScreen-5200 Interfaces NETSCREEN-5000Interfaces configurables Interfaces NetScreen-5400Exécution DE LA Connexion ET DE LA Configuration Initiales Établissement d’une connexion d’émulateur de terminalChapitre 3 Configuration de l’unité Configuration des adresses IP de port et d’interface Configuration de l’adresse IP de l’interface de gestionAffichage des paramètres d’interface actuels Set interface mgt ip adrip/masqueGet interface mgt Set interface ethernet2/2 ip adrip/masqueGet interface ethernet2/2 Démarrage d’une session de console à l’aide de Telnet Autorisation du trafic sortantSet interface ethernet2/3 ip adrip/masque Telnet Configuration DE L’ALARME DE Châssis Configuration D’INTERFACES Agrégées Set interface chaîne zone nomdelazoneSérie de produits NetScreen-5000 Appuyez sur la touche y Le message suivant s’affiche Entretien de l’unité Retrait ET Réinstallation DES Modules Remplacement D’UN Bloc D’ALIMENTATION CCRemplacement D’UN Bloc D’ALIMENTATION CA Remplacement DU Bloc DE VentilationConnexion ET Déconnexion DES Câbles Gigabit Ethernet Retrait ET Installation D’UN Transmetteur MINI-GBIC Chapitre 4 Entretien de l’unité Manuel de l’utilisateur SpécificationsA Attributs DE L’UNITÉ NETSCREEN-5200 Attributs DE L’UNITÉ NETSCREEN-5400Spécifications Électriques Spécifications EnvironnementalesCertifications Nebs Certifications DE ConformitéCertifications EMI ConnecteursAnnexe a Spécifications Manuel de l’utilisateur Série de produits NetScreen-5000 Description DES Ports DES Modules Interprétation des DEL d’état des modules de gestion Description DES DEL DES ModulesEtats DES DEL D’ÉTAT Interprétation des DEL d’état des modules de ports sécurisés Un seul SPM installé DEL DES Blocs D’ALIMENTATIONDEL DE Ventilation FAN Nombres 104 Manuel de l’utilisateur