Juniper SSG5 Router Manual PDF (Setup & Configuration Guide)

Home

Manuals

Juniper

SSG5

Page 21 / 64 Scroll up to view Page 16 - 20

Connecting a Device to a Network

Figure 8:

Basic Networking Example

Ethernet Ports

To establish a high-speed connection, connect the provided Ethernet cable from the

Ethernet port marked 0/0 on an SSG 5 device to the external router. The device

autosenses the correct speed, duplex, and MDI/MDIX settings.

Serial (AUX/Console) Ports

You can connect to the untrusted network with an RJ-45 straight-through serial

cable and external modem.

WAN Ports

Have ready a length of the type of cable used by the interface.

Insert the cable connector into the cable-connector port on the device.

Arrange the cable as follows to prevent it from dislodging or developing stress

points:

Secure the cable so that it is not supporting its own weight as it hangs to

the floor.

Place any excess cable out of the way in a neatly coiled loop.

Use fasteners to maintain the shape of the cable loops.

SSG 5

V.92

CONSOLE

Callouts

Untrust

Zone

Console

DMZ

Trust

Zone

WARNING:

Make sure that you do not inadvertently connect the Console, AUX, or

Ethernet ports on the device to the telephone outlet.

Page 22 / 64

SSG 5 Hardware Installation and Configuration Guide

Connecting a Device to a Network

Connecting a Device to an Internal Network or Workstation

You can connect your local area network (LAN) or workstation with the Ethernet

and/or wireless interfaces.

Ethernet Ports

An SSG 5 device contains seven Ethernet ports. You can use one or more of these

ports to connect to LANs through switches or hubs. You can also connect one or all

of the ports directly to workstations, eliminating the need for a hub or switch. You

can use either crossover or straight-through cables to connect the Ethernet ports to

other devices. See “Default Device Settings” on page 27 for the default

interface-to-zone bindings.

Wireless Antennae

If you are using the wireless interface, you need to connect the provided antennae

on the device. If you have the standard 2dB diversity antennae, use screws to attach

them onto the posts marked A and B at the back of the device. Bend each antenna

at its elbows, making sure not to put pressure on the bulkhead connectors.

Figure 9:

SSG 5-WLAN Antennae Location

If you are using the optional external antenna, follow the connection instructions

that came with that antenna.

RESET

DC POWER

LOCK

USB

SD FLASH

Bulkhead connector

Antenna B

Antenna A

Page 23 / 64

Chapter 3

Configuring the Device

ScreenOS software is preinstalled on the SSG 5 devices. When the device is

powered on, it is ready to be configured. While the device has a default factory

configuration that allows you to initially connect to the device, you need to perform

further configuration for your specific network requirements.

This chapter contains the following sections:

“Accessing a Device” on page 24

“Default Device Settings” on page 27

“Basic Device Configuration” on page 29

“Basic Wireless Configuration” on page 33

“WAN Configuration” on page 37

“Basic Firewall Protections” on page 39

“Verifying External Connectivity” on page 39

“Resetting a Device to Factory Defaults” on page 40

NOTE:

After you configure a device and verify connectivity through the remote network,

you must register your product at www.juniper.net/support/ so certain ScreenOS

services, such as Deep Inspection Signature Service and Antivirus (purchased

separately), can be activated on the device. After registering your product, use the

WebUI to obtain the subscription for the service. For more information about

registering your product and obtaining subscriptions for specific services, refer to

the

Fundamentals

volume of the

Concepts & Examples ScreenOS Reference Guide

for

the ScreenOS version running on the device.

Page 24 / 64

SSG 5 Hardware Installation and Configuration Guide

Accessing a Device

You can configure and manage an SSG 5 device in several ways:

Console: The Console port on the device allows you to access the device

through a serial cable connected to your workstation or terminal. To configure

the device, you enter ScreenOS Command Line Interface (CLI) commands on

your terminal or in a terminal-emulation program on your workstation.

WebUI: The ScreenOS Web User Interface (WebUI) is a graphical interface

available through a browser. To initially use the WebUI, the workstation on

which you run the browser must be on the same subnetwork as the device. You

can also access the WebUI through a secure server using Secure Sockets Layer

(SSL) with secure HTTP (S-HTTP).

Telnet/SSH: Telnet and SSH are applications that allow you to access devices

through an IP network. To configure the device, you enter ScreenOS CLI

commands in a Telnet session from your workstation. For more information,

refer to the

Administration

volume of the

Concepts & Examples ScreenOS

Reference Guide

NetScreen-Security Manager: NetScreen-Security Manager is a Juniper

Networks enterprise-level management application that enables you to control

and manage Juniper Networks firewall/IPSec VPN devices. For instructions on

how to manage your device with NetScreen-Security Manager, refer to the

NetScreen-Security Manager Administrator’s Guide

Using a Console Connection

To establish a console connection, perform the following steps:

Plug the female end of the supplied DB-9 adapter into the serial port of your

workstation. (Be sure that the DB-9 is inserted properly and secured.) Figure 10

shows the type of DB-9 connector that is needed.

Figure 10:

DB-9 Adapter

Plug the male end of the RJ-45 CAT5 serial cable into the Console port on the

SSG 5. (Be sure that the other end of the CAT5 cable is inserted properly and

secured in the DB-9 adapter.)

NOTE:

Use a straight-through RJ-45 CAT5 serial cable with a male RJ-45 connector to plug

into the Console port on the device.

RJ-45 jack

DB-9 adapter

RJ-45 cable

Page 25 / 64

Accessing a Device

Launch a serial terminal-emulation program on your workstation. The required

settings to launch a console session are as follows:

Baud rate: 9600

Parity: None

Data bits: 8

Stop bit: 1

Flow Control: None

If you have not yet changed the default username and password, enter

netscreen

at both the login and password prompts. (Use lowercase letters only.

The login and password fields are both case-sensitive.)

For information on how to configure the device with the CLI commands, refer

to the

Concepts & Examples ScreenOS Reference Guide

(Optional) By default, the console times out and terminates automatically after

10 minutes of idle time. To remove the timeout, enter

set console timeout 0

Using the WebUI

To use the WebUI, the workstation from which you are managing the device must

initially be on the same subnetwork as the device. To access the device with the

WebUI, perform the following steps:

Connect your workstation to the 0/2 — 0/6 port (bgroup0 interface in the Trust

zone) on the device.

Ensure that your workstation is configured for Dynamic Host Configuration

Protocol (DHCP) or is statically configured with an IP address in the

192.168.1.0/24 subnet.

Launch your browser, enter the IP address for the bgroup0 interface (the default

IP address is 192.168.1.1/24), then press

Enter

The WebUI application displays the login prompt as shown in Figure 11.

NOTE:

When the device is accessed through the WebUI the first time, the Initial

Configuration Wizard (ICW) appears. If you decide to use the ICW to configure

your device, see “Initial Configuration Wizard” on page 49.

Rate

Popular Juniper Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share