Transparent Mode, Route Mode | Juniper Networks 5000 manual

Chapter 3 Configuring the Device

OPERATIONAL MODES

The NetScreen-5000 Series supports two operational modes: Transparent and Route. The default mode is Route.

Transparent Mode

In Transparent mode, a NetScreen-5000 Series systems operates as a Layer-2 bridge. Because the device cannot translate packet IP addresses, it cannot perform Network Address Translation (NAT). Consequently, for the device to access the Internet, any IP address in your trusted (local) networks must be routable and accessible from untrusted (external) networks.

In Transparent mode, the IP addresses for the Layer-2 Trust and Untrust zones are 0.0.0.0, thus making the NetScreen-5000 Series system invisible to the network. However, the device can still perform firewall, VPN, and traffic management according to configured security policies.

Route Mode

In Route mode, a NetScreen-5000 Series system operates at Layer 3. Because you can configure each interface using an IP address and subnet mask, you can configure individual interfaces to perform NAT.

•When the interface performs NAT services, the NetScreen-5000 Series system translates the source IP address of each outgoing packet into the IP address of the untrusted interface. It also replaces the source port number with a randomly-generated value.

•When the interface does not perform NAT services, the source IP address and port number in each packet header remain unchanged. Therefore, to reach the Internet your local hosts must have routable IP addresses.

For more information on NAT, see the NetScreen Concepts & Examples ScreenOS Reference Guide.

22	User’s Guide

Image 30

Juniper Networks 5000 manual Transparent Mode, Route Mode, Operational Modes

Contents

NETSCREEN-5000 Series Copyright Notice Table of Contents Servicing the Device IX-I Table of Contents Preface Guide Organization Command Line Interface CLI Conventions Juniper Networks Netscreen Publications Overview1 NetScreen-5200 NetScreen-5400NETSCREEN-5000 Series NetScreen-5200 Power Recommendations NetScreen-5400 Power RecommendationsPower Supplies DC Power Supply AC Power Supply FAN Modules NETSCREEN-5000 Modules Management Modules 5000-M Management Module 5000-M2 Management Module Secure Port Modules 5000-8G SPM 5000-2G24FE SPM 5000-8G2 SPM 5000-2XGE SPM Part Number Description Distance Fiber Type Overview User’s Guide Installing the Device General Installation Guidelines Equipment Rack Installation Guidelines NetScreen-5200 Front and Rear Mount Mounting the NETSCREEN-5000 Series NetScreen-5200 Mid-Mount NetScreen-5400 Front Mount Installing and Connecting the AC Power Supply Installing and Wiring a DC Power Supply 48V COMThumbscrew Power Connecting the NETSCREEN-5000 Series to a Router or Switch Establishing AN HA Connection Installing the Device User’s Guide Configuring the Device Transparent Mode Route ModeOperational Modes NetScreen-5200 Interfaces NETSCREEN-5000 Interfaces Configurable Interfaces NetScreen-5400 Interfaces Performing Initial Connection and Configuration Establishing a Terminal Emulator Connection Upgrading the Firmware During the Boot Process Viewing Current Interface Settings Changing Your Admin Name and PasswordSetting Port and Interface IP Addresses Setting the IP Address of the Management Interface Setting the IP Address for the Trust Zone Interface Setting the IP Address for the Untrust Zone Interface Starting a Console Session Using Telnet Configuring the Device for Telnet and Webui SessionsAllowing Outbound Traffic Starting a Console Session Using Dialup Establishing a GUI Management Session Configuring the Chassis Alarm Http//10.100.2.183 Configuring Jumbo Frames Configuring Aggregate Interfaces Using CLI Commands to Reset the Device Following CLI command unset admin device-reset Press the y key Following message appears Servicing the Device Replacing a DC Power Supply Removing and Reseating Modules Replacing AN AC Power Supply Replacing the FAN Module NetScreen-5200 Fan Module NetScreen-5200 Fan Tray Filter Remove the fan tray See NetScreen-5200 Fan Module on NetScreen-5400 Fan Module Replacing the Fan Module NetScreen-5400 Fan Tray Filter Remove the fan tray See NetScreen-5400 Fan Module on Connecting and Disconnecting Gigabit Ethernet Cables Removing and Installing a MINI-GBIC Transceiver Servicing the Device User’s Guide Specifications NETSCREEN-5400 Attributes Electrical SpecificationNETSCREEN-5200 Attributes Environmental Nebs Certifications Safety CertificationsConnectors EMI Certifications Appendix a Specifications Port Descriptions and LED Status B Module Port Descriptions MGT Module LED Descriptions Following table details the ports on the 5000-8G2 SPM Interpreting Status LEDs for the Management Modules Status LED States Interpreting Status LEDs for the Secure Port Module Interpreting Ethernet Port Status LEDs for All Modules Power Supply Leds Interpreting Power Supply LED Status for the NetScreen-5200Interpreting Power Supply LED Status for the NetScreen-5400 Single SPM Installed FAN LED Viii Index IX-II