Juniper Networks 5000 SERIES Starting a Console Session Using Telnet, Allowing Outbound Traffic

Page 37

Configuring the Device for Telnet and WebUI Sessions

3.Set the IP address and subnet mask by executing the following command: set interface ethernet2/3 ip ip_addr/mask

where ip_addr is the IP address and mask is the subnet mask. For example, to set the IP address and subnet mask of the ethernet2/3 interface to 172.16.20.1/16:

set interface ethernet2/3 ip 172.16.20.1/16

4.(Optional) To confirm the new interface settings, execute the following command:

get interface ethernet2/3

Allowing Outbound Traffic

By default, the NetScreen-5000 Series device does not allow inbound or outbound traffic, nor does it allow traffic to or from the DMZ. To permit (or deny) traffic, you must create access policies.

The following CLI command creates an access policy that permits all kinds of outbound traffic, from any host in your trusted LAN to any device on the untrusted network.

set policy from trust to untrust any any any permit

Save your access policy configuration with the following command:

save

Important: Your network might require a more restrictive policy than the one created in the example above. The example is NOT a requirement for initial configuration. For detailed information about access policies, see the NetScreen Concepts & Examples ScreenOS Reference Guide.

CONFIGURING THE DEVICE FOR TELNET AND WEBUI SESSIONS

In addition to terminal emulator programs, you can use Telnet (or dialup) to establish console sessions with the NetScreen-5000 Series device. In addition, you can start management sessions using the NetScreen WebUI, a web-based GUI management application.

Starting a Console Session Using Telnet

To establish a Telnet session with the NetScreen-5000 Series device:

1.Connect an RJ-45 cable from the MGT interface to the internal switch, router, or hub in your LAN.

2.Open a Telnet session, specifying the current MGT interface IP address. For example, in Windows, click Start > Run, enter telnet ip_addr (where ip_addr is the address of the MGT interface), then click OK.

NetScreen-5000 Series

29

Image 37

Contents NETSCREEN-5000 Series Copyright Notice Language Contents Language Contents Table of Contents Servicing the Device Index Table of Contents Viii Guide Organization PrefaceSet admin user name1 password xyz Command Line Interface CLI ConventionsJuniper Networks Netscreen Publications Overview1 NetScreen-5400 NetScreen-5200NETSCREEN-5000 Series Power Supplies NetScreen-5400 Power Recommendations NetScreen-5200 Power RecommendationsDC Power Supply FAN Modules AC Power SupplyNETSCREEN-5000 Modules Management Modules5000-M Management Module NetScreen-5000 Modules 5000-M2 Management Module5000-8G SPM Secure Port Modules5000-2G24FE SPM Overview User’s Guide Installing the Device Equipment Rack Installation Guidelines General Installation GuidelinesMounting the NETSCREEN-5000 Series NetScreen-5200 Front and Rear MountNetScreen-5400 Front Mount NetScreen-5200 Mid-MountInstalling and Wiring a DC Power Supply Installing and Connecting the AC Power Supply48V COMThumbscrew Power Establishing AN HA Connection Connecting the NETSCREEN-5000 Series to a Router or SwitchInstalling the Device User’s Guide Configuring the Device Route Mode Transparent ModeOperational Modes NETSCREEN-5000 Interfaces NetScreen-5200 InterfacesNetScreen-5400 Interfaces Configurable InterfacesEstablishing a Terminal Emulator Connection Performing Initial Connection and ConfigurationUpgrading the Firmware During the Boot Process Setting Port and Interface IP Addresses Changing Your Admin Name and PasswordViewing Current Interface Settings Setting the IP Address of the Management InterfaceSetting the IP Address for the Untrust Zone Interface Setting the IP Address for the Trust Zone InterfaceConfiguring the Device for Telnet and Webui Sessions Starting a Console Session Using TelnetAllowing Outbound Traffic Establishing a GUI Management Session Starting a Console Session Using DialupTelnet Http//10.100.2.183 Configuring the Chassis AlarmGet chassis Set interface string zone zonename Configuring Aggregate InterfacesGet interface Get interface aggregate1 Following CLI command unset admin device-reset Using CLI Commands to Reset the DevicePress the y key Following message appears Servicing the Device Removing and Reseating Modules Replacing a DC Power SupplyReplacing the FAN Tray Replacing AN AC Power SupplyConnecting and Disconnecting Gigabit Ethernet Cables Removing and Installing a MINI-GBIC Transceiver Servicing the Device User’s Guide Specifications Environmental Specification Electrical SpecificationNETSCREEN-5200 Attributes NETSCREEN-5400 AttributesConnectors Safety CertificationsNebs Certifications EMI CertificationsAppendix a Specifications User’s Guide Port Descriptions and LED Status B MGT Module Port DescriptionsModule LED Descriptions Interpreting Status LEDs for the Management ModulesStatus LED States Interpreting Ethernet Port Status LEDs for All Modules Interpreting Status LEDs for the Secure Port ModuleInterpreting Power Supply LED Status for the NetScreen-5400 Interpreting Power Supply LED Status for the NetScreen-5200Power Supply Leds Single SPM InstalledFAN LED Index User’s Guide Table des matières Chapitre Entretien de l’unité Index 103 Table des matières Xii Manuel de l’utilisateur Organisation DU Manuel PréfacePublications Juniper Networks Netscreen Set admin user nom1 password xyzPrésentation générale Unité NetScreen-5400 Unité NetScreen-5200Série DE Produits NETSCREEN-5000 Blocs D’ALIMENTATION DEL Bloc d’alimentation CCModules DE Ventilation Bloc d’alimentation CAModules NETSCREEN-5000 Modules de gestionModule de gestion 5000-M Modules NetScreen-5000 Module de gestion 5000-M2SPM 5000-8G Modules de ports sécurisésSPM 5000-2G24FE Chapitre 1 Présentation générale Manuel de l’utilisateur Installation de l’unité Instructions D’INSTALLATION DE LA Baie DE Équipement Instructions D’INSTALLATION GénéralesMontage DE L’UNITÉ DE LA Série NETSCREEN-5000 Montage avant et arrière de l’unité NetScreen-5200Montage frontal de l’unité NetScreen-5400 Montage à mi-hauteur de l’unité NetScreen-5200Installation ET Raccordement D’UN Bloc ’ALIMENTATION CD Installation ET Connexion DU Bloc Dalimentation CACOM Établissement D’UNE Connexion HA Chapitre 2 Installation de l’unité Manuel de l’utilisateur Configuration de l’unité Mode Route Mode TransparentModes DE Fonctionnement Interfaces NETSCREEN-5000 Interfaces NetScreen-5200Interfaces NetScreen-5400 Interfaces configurablesÉtablissement d’une connexion d’émulateur de terminal Exécution DE LA Connexion ET DE LA Configuration InitialesChapitre 3 Configuration de l’unité Configuration de l’adresse IP de l’interface de gestion Configuration des adresses IP de port et d’interfaceAffichage des paramètres d’interface actuels Set interface mgt ip adrip/masqueSet interface ethernet2/2 ip adrip/masque Get interface mgtGet interface ethernet2/2 Autorisation du trafic sortant Démarrage d’une session de console à l’aide de TelnetSet interface ethernet2/3 ip adrip/masque Telnet Configuration DE L’ALARME DE Châssis Set interface chaîne zone nomdelazone Configuration D’INTERFACES AgrégéesSérie de produits NetScreen-5000 Appuyez sur la touche y Le message suivant s’affiche Entretien de l’unité Remplacement D’UN Bloc D’ALIMENTATION CC Retrait ET Réinstallation DES ModulesRemplacement DU Bloc DE Ventilation Remplacement D’UN Bloc D’ALIMENTATION CAConnexion ET Déconnexion DES Câbles Gigabit Ethernet Retrait ET Installation D’UN Transmetteur MINI-GBIC Chapitre 4 Entretien de l’unité Manuel de l’utilisateur SpécificationsA Attributs DE L’UNITÉ NETSCREEN-5400 Attributs DE L’UNITÉ NETSCREEN-5200Spécifications Électriques Spécifications EnvironnementalesCertifications DE Conformité Certifications NebsCertifications EMI ConnecteursAnnexe a Spécifications Manuel de l’utilisateur Série de produits NetScreen-5000 Description DES Ports DES Modules Description DES DEL DES Modules Interprétation des DEL d’état des modules de gestionEtats DES DEL D’ÉTAT Interprétation des DEL d’état des modules de ports sécurisés DEL DES Blocs D’ALIMENTATION Un seul SPM installéDEL DE Ventilation FAN Nombres 104 Manuel de l’utilisateur