Juniper Networks SSG 20 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

Ir para a página of

Bom manual de uso

As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto Juniper Networks SSG 20. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoJuniper Networks SSG 20 vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.

O que é a instrução?

A palavra vem do latim "Instructio" ou instruir. Portanto, no manual Juniper Networks SSG 20 você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.

Infelizmente, pequenos usuários tomam o tempo para ler o manual Juniper Networks SSG 20, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.

Então, o que deve conter o manual perfeito?

Primeiro, o manual Juniper Networks SSG 20 deve conte:
- dados técnicos do dispositivo Juniper Networks SSG 20
- nome do fabricante e ano de fabricação do dispositivo Juniper Networks SSG 20
- instruções de utilização, regulação e manutenção do dispositivo Juniper Networks SSG 20
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes

Por que você não ler manuais?

Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque Juniper Networks SSG 20 não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos Juniper Networks SSG 20 e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço Juniper Networks na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas Juniper Networks SSG 20, como para a versão papel.

Por que ler manuais?

Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo Juniper Networks SSG 20, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.

Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual Juniper Networks SSG 20. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação

Índice do manual

  • Página 1

    Juniper Networks , Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408-745-200 0 www .juniper .net Part Number: 530-015646-01, Revision 03 Security Products SSG 20 Hard w are Installation and Configuration Guide[...]

  • Página 2

    2  Copyright Notice Copyright © 2006 Juniper Networks, Inc. All rights reserved. Juniper Networks and the Juniper Networks lo go are registered trademarks of Juniper Ne tworks, Inc. in the United States and other countries. All other trademarks, service marks, registered trademar ks, or registered service marks in this document are th e proper [...]

  • Página 3

    T able of Conten ts  3 T able of Contents About This Guide 5 Organization . ................ ............. ............. ............. ................ ............. ............. .. 6 WebUI Convention s ................ ............. ............. ................ ............. ............. ..... 6 CLI Conventions ...................... ......[...]

  • Página 4

    4  T able of Contents SSG 20 Hardw are Installation and Configuration Guide Using Telnet ..................... ................ ............. ............. ............. ................ 30 Default Device Set tings ........ ............. ................ ............. ............. ............. ...... 31 Basic Device Configuration ........ ....[...]

  • Página 5

     5 About This Guide The Juniper Networks Secure Services Gate wa y (S SG) 20 device is an integrated router and fir ew all platform th at pro vides Internet Prot ocol Security (IPSec) virtual private netw ork (VPN) and firew all services for a branch office or a ret ail outlet. Juniper Networks offers two models of the SSG 20 device:  SSG 20,[...]

  • Página 6

    SSG 20 Hardw are Installation and Configuration Guide 6  Organization Organization This guide contains the follo wing sections:  Chapter 1, “Hardw are Ov ervie w ,” describes the chassis and com ponents of an SSG 20 device .  Chapter 2, “Installing and Connecting th e Device ,” describes ho w t o mount an SSG 20 device and h ow t o[...]

  • Página 7

    CLI Convent ions  7 About This Guide Figure 1: Navigational P ath and Configuration Settings CLI Conventions The follo wing conventions ar e used to pr e sent the syntax of CLI commands in ex amples and in text. In ex amples:  Anything inside squar e brack ets [ ] is optional.  Anyt hing inside braces { } is r equired.  If there is more[...]

  • Página 8

    SSG 20 Hardw are Installation and Configuration Guide 8  Obtaining Documentation and T echnical Suppor t Obtaining Documentation and T echnical Suppor t T o obtain technical documentation for any Juniper Networks product, visit www .juniper .net/techpubs/ . F or technical support, open a su pport case using the Case Manager link at http://www .j[...]

  • Página 9

     9 Chapter 1 Hard w are Over view This chapter pro vides detailed descriptions of the SSG 20 chassis and its components . It contains the f ollowing sections:  “P ort and P ow er Connect or s” on page 1 0  “Front P anel” on page 1 1  “Back P anel” on page 16[...]

  • Página 10

    SSG 20 Hardw are Installation and Configuration Guide 10  Port and Power Connectors P or t and Pow er Connector s This section describes and displays the location of the built-in ports and pow er connector s . Refer t o the following figur e for built-in port locations and T able 1 for the pow er connector descriptions . Figure 2: Built-in Por t[...]

  • Página 11

    Front Panel  11 F ront P anel This section describes the follo wing elements on the front panel of an SSG 20 device:  System St atus LEDs  P ort De scriptions  Mini Phy sical Interface Module P ort Descriptions System Status LEDs The system status LEDs displa y informatio n about critical device functions . Figure 3 illustrates the posi[...]

  • Página 12

    SSG 20 Hardw are Installation and Configuration Guide 12  Front P anel PIM 2 Green On steadily Indicat es that the mini PIM is functioning. Blinking Indicates that the min i PIM is passing traffi c. Off Indicates that the mini PIM is not operat ional. WLAN (On WLAN device only) 802.1 1a Gr een On steadily Indicates that a wir eless connection is[...]

  • Página 13

    Front Panel  13 Por t Descriptions This section e xplains the purpose and function of the follo wing:  Ethernet P orts  Console P ort  AU X Po r t Ethernet Por ts Five 1 0/1 00 Ethernet ports provide LAN conne ctions t o hubs , switches , local servers , and workstations . Y ou can also designate an Ethernet port for management traffic [...]

  • Página 14

    SSG 20 Hardw are Installation and Configuration Guide 14  Front P anel AUX P or t The auxiliary (A UX) po rt is an RJ-45 ser ial port wired as data terminal equipment (D TE) that can be connected to a modem to allow r em ote administration. W e do not recommend using this port for regular r emote administration. The A UX port is typically assign[...]

  • Página 15

    Front Panel  15 T able 4: Mini PIM LED States on the SSG 20 T ype Name Color State Description ADSL 2/2+ (Annex A and B) SYNC Green On steadily Indicates that the ADSL interface i s trained Blinking Indicates training is in pr ogress Off Indicates that the interf ace is idle TX/RX Green Bl inking In dicates that traffic i s passin g through Off [...]

  • Página 16

    SSG 20 Hardw are Installation and Configuration Guide 16  Back Panel Back P anel This section describes the follo wing elem ents on the back panel o f an SSG 20 device:  P ow er A dapter  Radi o T ransceiv ers  Gr ounding L ug  Antennae T ypes  USB P ort Figure 6: Back Panel of an SSG 20-WLAN De vice Po w er Adapter The PO WER LED[...]

  • Página 17

    Back Panel  17 Grounding Lu g A one-hole grounding lug is provided on the rear of the chassis t o connect the device t o earth ground (see Figure 6). T o ground the device befor e connecting pow er , connect a grounding cable to earth ground and then att ach the cable to the lug on the rear of the chassis .[...]

  • Página 18

    SSG 20 Hardw are Installation and Configuration Guide 18  Back Panel Antennae T ypes The SSG 20-W LAN device supports three types of custom-built radio antennae:  Div ers ity antennae — The diver si ty antennae provide 2dBi dir ectional cov era ge and a fairly uniform le vel of signal str ength within the a rea of cov erage and ar e suitabl[...]

  • Página 19

     19 Chapter 2 Installing and Connecting the Device This chapter describes how to mount an SSG 20 de vice and connect cables a nd pow er to the de vice . This chapter contains the following sections:  “Befor e Y ou Begin” on page 20  “Installing Equipment” on page 20  “Connecting Interface Cables t o a Device” on page 22  [...]

  • Página 20

    SSG 20 Hardw are Installation and Configuration Guide 20  Before Y ou Begin Before Y ou Begin The location of the chassis, the lay out of the mounting equipmen t, and th e security of your wiring room are crucia l for pr oper system operation. Observing the follo wing precautions can pr e vent shutdo wns , equipment f ailures , and injuries: [...]

  • Página 21

    Installing Equipment  21 T o front-mount an SSG 20 device ont o a standar d 19-inch equipment r ack, perform the follo wing steps: Figure 7: SSG 20 F ront-mount 1. Align the pow er supply rack-mount ea r to the left-fr ont edge of the de vice . 2. Place the scre ws in the holes and us e a phillips screw drive r to secur e them. 3. Align the othe[...]

  • Página 22

    SSG 20 Hardw are Installation and Configuration Guide 22  Connecting Interface Cables to a Dev ice T o desk -mount an SSG 20 device , perf orm the follo wing steps: Figure 9: SSG 20 Desk-mount 1. A ttach the desktop st and to the side of the device . W e r ecommend using the side closest to the pow er adapter . 2. Place the mounted device on the[...]

  • Página 23

    Connecting a Device to a Network  23 Connecting a Device to a Network An SSG 20 device pro vides fir ew all and general security for networks when it is placed between internal networks and the untrusted netw ork. This section describes the following:  Connecting a Device to an Untrusted Netw ork  Connecting a Device t o an Internal Networ[...]

  • Página 24

    SSG 20 Hardw are Installation and Configuration Guide 24  Connecting a Device to a Network Ethernet Por ts T o establish a high-speed connection, co nn ect the pro vided Ethernet cable from the Ethernet port mark ed 0/0 on an SSG 20 de vice to the e xternal ro uter . The device autosenses the corr ect speed, duplex, and MDI/MDIX settings . Seria[...]

  • Página 25

    Connecting a Device to a Network  25 Figure 11: Microfilter and Splitter on Y our Network Connection ISDN, T1, E1, and V .92 Mini PIMs T o conne ct the mini PIMs to a de vice , perform the f ollowing steps: 1. Hav e ready a length of the type of cable used by the interface . 2. Insert the cable connector into the cable-co nnector port on the int[...]

  • Página 26

    SSG 20 Hardw are Installation and Configuration Guide 26  Connecting a Device to a Network Wireless Antennae If you ar e using the wireless interface , you need to connect the pr ovided antennae on the device . If yo u have the st andard 2d B diversity antennae , use scre ws t o att ach them onto the posts marked A and B at th e back of the de v[...]

  • Página 27

     27 Chapter 3 Configuring the Device ScreenOS softw are is pr e installed on an SSG 20 de vice . When the device is po wer ed on, it is ready t o be configured. While the de vi ce has a default f actory configur ation that allow s you t o initially connect to the device , you need to perf o rm further configuration for y our spec ific network r [...]

  • Página 28

    SSG 20 Hardw are Installation and Configuration Guide 28  Accessing a Device Accessing a Device Y o u can configure and manage a device in sev er al wa ys:  Console: The Console port on the device allo ws y ou to access the device through a serial cable connected t o y our workst ation or terminal. T o configure the device , you enter ScreenO[...]

  • Página 29

    Accessing a Device  29 3. Launch a serial terminal-emulation program on y our workst ation. The required settings to launch a console session are as fo llow s:  Baud rate: 9600  P arity: None  Data bits: 8  Stop bit: 1  Flow Control: None 4. If y ou hav e not yet changed the def ault login f or the admin name and passwor d, enter [...]

  • Página 30

    SSG 20 Hardw are Installation and Configuration Guide 30  Accessing a Device Figure 14: WebUI Login Prompt 4. If y ou hav e not yet changed the def ault login f or the admin name and passwor d, enter netscree n at both the admin name and passwor d prompts . (Use low ercase letter s only . The login and password fields ar e bo th case-sensitive .[...]

  • Página 31

    Default Device Settings  31 Default Device Settings This section describes the default settin gs and operation of an SSG 20 device . T able 5 shows the def ault zone bindings for ports on the devices . T able 5: Default Ph ysical Interface to Zone Bindings A bridge group (bgr oup) is designed to allow netw ork users to swit ch between wir ed and[...]

  • Página 32

    SSG 20 Hardw are Installation and Configuration Guide 32  Default Device Settings T o unset ethernet0/3 from bgr oup0 and assign it to the T rust zone with a static IP address of 192.168.3.1/24, use the W ebUI or CLI as follo w s: We b U I Network > Interf aces > List > Edit (bgroup0) > Bind P ort: deselect ethernet0/3 , then click A[...]

  • Página 33

    Basic Device Configuration  33 Basic Device Configuration This section describes the follo wing basic configuration settings:  Root A dmin Name and P asswor d  Date and Time  Bridge Group Interf ace s  A dministrativ e A ccess  Management Services  Hostname and Domain Name  Default R oute  Management Interface A ddr ess ?[...]

  • Página 34

    SSG 20 Hardw are Installation and Configuration Guide 34  Basic Device Configuration Date and Time The time set o n an SSG 20 device affect s events such as the setup of VPN tunnels . The easiest way t o set the date and time on the device is to use the W e bUI to synchroniz e the device system clock with the workst ation clock. T o config ure t[...]

  • Página 35

    Basic Device Configuration  35 CLI unset interface bgro up0 por t ether net0/3 unset interface bgro up0 por t ether net0/4 set interface bgroup 1 por t ethern et0/3 set interface bgroup 1 por t ethern et0/4 set interface bgroup1 por t wireless0/2 set interface bgroup 1 zone DMZ set interface bgroup1 ip 10.0.0.1/24 save Administrative Access By d[...]

  • Página 36

    SSG 20 Hardw are Installation and Configuration Guide 36  Basic Device Configuration Hostname and Domain Name The domain name defines th e network or subnetwork that the device belongs t o, while the hostname refer s t o a specific device . The hostname and domain name together uniquely identify the de vice in the network. T o configure the host[...]

  • Página 37

    Basic Wireless Configuration  37 Backup Untrust Interface Configuration The SSG 20 device allo ws y ou to configur e a backup interface f or untrust failo ver . T o set a backup interface f or untrust failo ver , perform the follo wing steps: 1. Set the backup interf ace in the Null sec urity zone with the unset interface interface [ po rt inter[...]

  • Página 38

    SSG 20 Hardw are Installation and Configuration Guide 38  Basic Wireless Configuration Once you ha ve set an SSID to the wirele ss0/0 interface , you can access the de vice using the default wir eless0/0 interface IP address in the steps described in “ A cce ssing a Device” on page 28. Figure 15 show s the default configur ation for the SSG [...]

  • Página 39

    Basic Wireless Configuration  39 T able 7: Wireless Authentication and Encr yption Options Refer to the Concepts & Ex amples ScreenOS Refer ence Guide for configu ration ex amples , SSID attributes , and CLI commands relating to wireless security configuratio ns . T o config ure a wireless interf ace for basic connectivity , use the W ebUI o[...]

  • Página 40

    SSG 20 Hardw are Installation and Configuration Guide 40  Basic Wireless Configuration 5. A ctivate wireless changes . Wireless > General Settings > Click A ctivate Changes . CLI 1. Set the WLAN co untry code and IP address . set wlan countr y-code { code_id } set interface wireless_interface ip ip_a ddr/net mask 2. Set the SSID. set ssid [...]

  • Página 41

    Mini PIM Configuration  41 Mini PIM Configuration This section explains how to configur e the mini phy sical interface modules (PIMs):  ADSL2/2+ In terface  ISDN Interface  T1 Interface  E1 Interf ace  V .92 Modem Interface ADSL2/2+ Interface Y o ur network uses the ADSL2/2+ interface ad slx/0 , with x re pres enting the mini PIM [...]

  • Página 42

    SSG 20 Hardw are Installation and Configuration Guide 42  Mini PIM Configuration V ir tual Circuits T o add virtual circuits , you cr e ate subinterfaces to the ADSL2/2+ interface . Y ou can create up t o 1 0 ADSL2/2+ subinterfaces . F or ex ample , to cr eate a new subinterface named adsl1/0.1 bound to the pr edefined zone named Untrust , use t[...]

  • Página 43

    Mini PIM Configuration  43 We b U I Network > Interf aces > List > Edit (f or the adsl1/0 interface): Enter the follo wing, then click Apply : VPI/VCI: 1 / 32 Multiplexing Meth od: LLC (s elected) CLI set interface adsl1/0 pvc 1 32 mux llc save PPP oE or PPP oA An SSG 20 de vice includes both PPP oE and PPP oA clients to connect to the [...]

  • Página 44

    SSG 20 Hardw are Installation and Configuration Guide 44  Mini PIM Configuration Static IP Address and Netmask If your service gav e you a specific, fixe d IP address and netmask f or your network, then configure the IP address and netmas k for the network and the IP address of the router port connected to the device . Y o u need to also specify[...]

  • Página 45

    Mini PIM Configuration  45 CLI set interface bgroup 0 dhcp ser ver option dn s1 1.1.1.152 save F or more inf ormation about configuring the ADSL and ADSL2/2+ interfaces , refer to t h e Concepts & Examples ScreenOS R eference Guide . ISDN Interface Integrated Services Digital Netw ork (IS DN) is a set of standar ds for digit al transmission [...]

  • Página 46

    SSG 20 Hardw are Installation and Configuration Guide 46  Mini PIM Configuration  A T&T Pub 540 14  ITU G.75 1, G.7 03 T o configure the T1 mini PIM, use the W ebUI or CLI as follow s: We b U I Network > Interf aces > List > Edit (serial1/ 0): Enter or select the following, then click OK : W AN Configure: main link W A N Encap[...]

  • Página 47

    Mini PIM Configuration  47 set ppp pro file “juniper test” au th local-name “jun iper” set ppp profile “juniper test” au th secret “password” set interface serial1/0 ppp profile “juniper test” set interface serial1/0 ip 172.18.1.1/24 set user “ser ve r” type wan set user “ser ver” password “ser ver” F or informati[...]

  • Página 48

    SSG 20 Hardw are Installation and Configuration Guide 48  Basic Firewall Protections Basic Firewall Protections The devices are configur ed with a default policy that permits workstations in the T rust z one of your network to access an y resour ce in the Un trust security zone , while outside computers are not allow ed to access or st art sessi[...]

  • Página 49

    Resetting a Device to Factor y De faults  49 Resetting a Device to F actor y Defaults If you lose the admin passwor d, you can reset the de vice to its def ault settings . This action destro ys any existing configur ations but rest ores access to the de vice . Y o u can rest ore the de vice to its def ault settings in one of the follo wing wa ys[...]

  • Página 50

    SSG 20 Hardw are Installation and Configuration Guide 50  Resetting a Device to F actor y Defaults[...]

  • Página 51

    Required T ools and Par ts  51 Chapter 4 Ser vicing the Device This chapter describes service and maintenance procedures f or an SSG 20 de vice . It contains the f ollowing sections:  “Requir ed T ools and P arts” on t his page  “Replacing a Mini-Ph ysical Interf ace Module” on this page  “Upgrading Memory” on page 54 Requir[...]

  • Página 52

    SSG 20 Hardw are Installation and Configuration Guide 52  Replacing a Mini-Physical Inter face Module Removing a Blank F aceplate T o maintain proper airflo w through the SSG 20 device , blank faceplates should remain o ver slots that do not contain mi ni PIMs . Do not remo ve a blank faceplate unless you ar e installing a mini PIM in its empty [...]

  • Página 53

    Replacing a Mini-Physical I nterface Module  53 8. Grasp the scr ew s on each side of the mini PIM faceplate and slide the mini PIM out of the device . Place the mini PIM in the electrost atic bag or on the antistatic mat. Figure 16: Removing a Mini PIM 9. If you ar e not reinstalling a mini PI M int o the empty slot, install a blank faceplate o[...]

  • Página 54

    SSG 20 Hardw are Installation and Configuration Guide 54  Upgrading Memor y 6. If necessary , arrange the cables to pr ev ent them from dislodging or dev elo ping stress points: a. Secure the cables so that they are not supporting their own weight as the y hang to the floor . b . Place any e xcess cables out of the way in neatly coiled loops. c.[...]

  • Página 55

    Upgrading Memor y  55 6. Release the 128 MB DIMM DRAM by pressing y our thumbs outwar d on the locking tabs on each side of the module so t h a t t h e ta bs m ove away f ro m th e module . Figure 19: Unlocking the Memor y Module 7. Grip the long edge of the memory modu le and slide it out. Set it aside . Figure 20: Removing Module Slots 8. Inse[...]

  • Página 56

    SSG 20 Hardw are Installation and Configuration Guide 56  Upgrading Memor y 9. Place the memory-card cov er ov er the slot. 1 0. Use the phillips screw driver to tighten the scre ws , securing the cov er to the device .[...]

  • Página 57

     57 Appendix A Specifications This appendix pro vides general sy stem specifications for an SSG 20 device . It contains the f ollowing sections:  “Phy sical” on page 58  “Electrical” on page 58  “Environmental T olerance” on page 58  “Certifications” on page 59  “Connectors” on page 60[...]

  • Página 58

    SSG 20 Hardw are Installation and Configuration Guide 58  Physical Ph y sical T able 8: SSG 20 Ph ysical Specifications Electrical T able 9: SSG 20 Electrical Specifications Environmental T olerance T able 10: SSG 20 Environ mental T olerance Description V alue Chassis dimensions 294 mm x 194.8 mm x 44 mm (1 1.5 inches x 7.7 inches x 2 inches) D[...]

  • Página 59

    Cer tifications  59 Cer tifications Safety  C AN/CS A-C2 2.2 No. 60950-1-0 3/UL 60950-1 Safety of Info rmation T echnology Equipment  EN 60950-1 (2000) Thir d Edition Safety of Inf ormation T e chnology Equipment  IEC 60950-1 (1999) Thir d Edition Saf ety of Inf ormation T echnology Equipment EMC Emissions  FCC P art 15 Class B (US A[...]

  • Página 60

    SSG 20 Hardw are Installation and Configuration Guide 60  Connectors T1 Interface  FCC P art 68 - TIA 968  Industry Canada CS-03  UL 60950-1 Applicable requirements f o r TNV circuit with outside plant lead connection Connectors Figure 22 show s the location of the pins on the RJ-45 connector . Figure 22: RJ-45 Pinouts T able 1 1 lists [...]

  • Página 61

    Connectors  61 Figure 23 show s the location of the pins on the DB-9 female connector . Figure 23: DB-9 Female Connector T able 12 pro vides the DB-9 connect or pinouts . T able 12: DB-9 Connector Pinouts Pin Name I/O Description 1D C D I C a r r i e r D e t e c t 2R x D I R e c e i v e D a t a 3T x D O T r a n s m i t D a t a 4 D TR O Data T er[...]

  • Página 62

    SSG 20 Hardw are Installation and Configuration Guide 62  Connectors[...]

  • Página 63

     63 Appendix B Initial Configuration Wizard This appendix pro vides detailed informat ion about the Initial Configur ation Wizar d (ICW) for an SSG 20 device . After you ha ve ph ysically connected y our device t o the network, you can use the ICW to configure the interf aces that are inst alled on your device . This section describes the follo [...]

  • Página 64

    SSG 20 Hardw are Installation and Configuration Guide 64  1. Rapid Deplo yment Window Figure 24: Rapid Deployment Window If your network uses NetScreen-Security Manager (NSM), you can us e a Rapid Deployment configlet t o automatically configure the de vice . Obtain a configlet from your NSM administr ator , select Ye s , se lect Load Configlet [...]

  • Página 65

     65 3. WLAN Access P oint Window If you ar e using the device in the W ORLD o r ET SI re gulatory domain, you must choose a country code . Se lect the appropriate options , then click Next . Figure 26: Wireless Access Point Country Code Window 4. Ph ysical Interface Window On the interface-to-z one bindings screen, y o u set the i nterface t o w[...]

  • Página 66

    SSG 20 Hardw are Installation and Configuration Guide 66  5. ADSL2/2+ Interface Window If you ha ve the ADSL2/2+ mini PIM insta lled in your de vice , you can configure the adslx/0 interface using the f ollo wing window . Figure 28: ADSL Interface Configuration Window NOTE: If you hav e two ADSL2/2+ mini-PIMs in stalled on your de vice , you can[...]

  • Página 67

     67 T able 13: F ields in ADSL Interface Configuration Window If you do not know these settin gs , refer to the Common Settings for Service Pro v iders document that came with the service provider de vice . Field Description Infor mation from Service Pr ovider: VPI/VCI VPI/VCI v alues to identif y the permanent virtual circ uit. Multiplexing Met[...]

  • Página 68

    SSG 20 Hardw are Installation and Configuration Guide 68  6. T1 Interface Windows If you ha ve the T1 mini-PIM installed in yo ur device and you selected the Frame Rela y option, the follo wing window s are displa ye d:  T1 Phy sical Lay er T ab Window  T1 Fr ame R elay T ab Window Figure 29: T1 Physical La yer T ab Window NOTE: If you ha [...]

  • Página 69

     69 T able 14: F ields in T1 Ph ysical La yer T ab Window Field Description Clocking Sets th e transmit c lock on t he inte rface . Line Buildout Sets the dist ance at which an interface driv es a line . Default setting is 0 - 132 feet. Line Encoding Sets the line encoding format on the interf ace:  Au t o M a r k I n v e r s i o n  8-bits[...]

  • Página 70

    SSG 20 Hardw are Installation and Configuration Guide 70  Figure 30: T1 F rame Rela y T ab Window T able 15: F ields in T1 F rame Relay T ab Window Field Description No-K eepalive chec kbox Enables no-keepaliv es . T ype Sets the fr ame rela y LMI type:  ANSI: American National Standar ds Institute support s data r ates up to 8Mbps do wnstrea[...]

  • Página 71

     71 If you ha ve the T1 mini-P IM installed in y our device and you selected the PPP option, the follo wing additional w indow s are displa y ed:  PPP Option with PPP T ab Windo w  PPP Option with P eer User T ab Window Figure 31: PPP Option with PPP T ab Window T able 16: F ields in PPP Option with PPP T ab Window Field Description PPP Pr[...]

  • Página 72

    SSG 20 Hardw are Installation and Configuration Guide 72  Figure 32: PPP Option with Peer User T ab Window T able 17: F ields in PPP Option with P eer User T ab Window If you ha ve the T1 mini-PIM installed in yo ur device and you selected the Cisco HDLC option, the f ollowing windo w is displayed: Figure 33: Cisco HDLC Option with Cisco HDLC T [...]

  • Página 73

     73 T able 18: F ields in Cisco HDLC Option with Cisco HDLC T ab Window 7. E1 Interface Windows If you ha ve the E1 mini-PIM installed in yo ur device and you selected the Frame Rela y option, the follo wing window s are displa ye d:  E1 Ph ysical L ayer T ab Window  E1 Fr ame R elay T ab Window Figure 34: E1 Physical La yer T ab Window Fi[...]

  • Página 74

    SSG 20 Hardw are Installation and Configuration Guide 74  T able 19: F ields in E1 Ph ysical La yer T ab Window Figure 35: E1 F rame Rela y T ab Window T able 20: F ields in E1 F rame Relay T ab Window Field Description Clocking Sets th e transmit c lock on t he inte rface . Frame Checksum Sets the size of checksum. Def ault is 16 . Framing Mode[...]

  • Página 75

     75 T o configure the E1 in terface wit h PPP options , see “PPP Option with PPP T ab Window” on page 7 1. T o config ure the E1 interface with the Cisco HDLC, see “Cisco HDLC Option with Cisco HDLC T ab Window” on page 72. 8. ISDN Interface Windows If you ha ve the ISDN mini-PIM installed in your de vice , you can configure the brix/0 ([...]

  • Página 76

    SSG 20 Hardw are Installation and Configuration Guide 76  T able 21: F ields in ISDN Ph ysical La yer T ab Window Y o u can select the bri1/0 i nterface t o connect using dialer , multi-link dial er , leased line , or dial w ith BRI. Selecting neither , one , or both options displays a window similar to the f ollowing. Field Description Switch T[...]

  • Página 77

     77 Figure 37: ISDN Connection T ab Window T able 22: F ields in ISDN Connection T ab Window Field Description PPP Profile Name Sets a PPP profil e name to the ISDN inter face . A uthentication Set s the PPP authentication type:  Any  CHAP: Challenge Handshak e A uthentication Prot ocol  P AP: P asswor d A uthentication P rot ocol  N[...]

  • Página 78

    SSG 20 Hardw are Installation and Configuration Guide 78  9. V .92 Modem Interface Window If you ha ve the V .92 mini-PIM installed in your de vice , you can configure the serialx/0 (Modem) interface using the following windo w: Figure 38: Modem Interface Window T able 23: F ields in Modem Interface Window 10. Eth0/0 Interface (Untrust Zone) Win[...]

  • Página 79

     79 Figure 39: Eth0/0 Interface Window T able 24: F ields in Eth0/0 Interface Window 11. Eth0/1 Interface (DMZ Zone) Window The eth0/1 interface can hav e a static or a dynamic IP address assigned via DHCP . Field Description Dynamic IP via DHCP Enables the device t o receiv e an IP address f or the Untrust zone interface f rom a service pro vid[...]

  • Página 80

    SSG 20 Hardw are Installation and Configuration Guide 80  Figure 40: Eth0/1 Interface Window T able 25: F ields in Eth0/1 Interface Window 12. Bgroup0 Interface (T rust Zone) Window The bgroup0 interface can hav e a static or a dynamic IP address assigned via DHCP . The default interf ace IP addr ess is 192.168.1.1 with a netmask of 255.255.255.[...]

  • Página 81

     81 T able 26: F ields in Bgroup0 Interface Window 13. Wireless0/0 Interface (T rust Zone) Window If you are configuring the SSG 20-WLAN device , you must set a Service Set Identifier (SSID) befor e the wireless0/0 interface can be activated. F or detailed instructions about configuring your wireless interface(s), refer t o the Concep ts & E[...]

  • Página 82

    SSG 20 Hardw are Installation and Configuration Guide 82  T able 27: F ields in Wireless0/0 Interface Window 14. Interface Summar y Window After you ha ve configure d the W AN interfaces , you will see the Interface Summary window . Figure 43: Interface Summar y Window Field Description Wlan Mode Sets the WLAN radio mode:  5G (802.1 1a).  [...]

  • Página 83

     83 Check your interface configur ation, then click Next when ready to pr oceed. The Ph ysi cal Ethern et DHCP Inte rface windo w appear s. 15. Ph ysical Ethernet DHCP Interface Window Select Ye s to enable y our device t o assign IP addresses to y our wired netw ork via DHCP . En ter the IP address ra nge that y ou want y our device t o assign [...]

  • Página 84

    SSG 20 Hardw are Installation and Configuration Guide 84  17. Confirmation Window Confirm your de vi ce configuration and change as needed. Click Next to save, reb o o t the de vice , and ru n the configur ation. Figure 46: Confirmation Window After the device r eboo ts with the sa ved system configuration, the W ebUI login prompt appears . F or[...]

  • Página 85

    Index  85 Index A AAL5 multiplexing ..................... .............. .............. ........ 41 ADSL configuring interface ...................... ........... .............. 41 connecting the cable ................. .............. .............. .. 24 connecting the port ........................ ........... .............. 24 Annex A .........[...]

  • Página 86

    86  Index SSG 20 Hardw are Installation and Configuration Guide S static IP address .............. .............. .............. .............. ..... 41 U Untrust zone, configuri ng backup interface ............... 37 V Virtual Path Identif ier/Virtual Ch annel Identifier See VPI/VCI VPI/VCI configuring .............. .............. ............[...]