Page 406 / 469
Scroll up to view Page 401 - 405
Default Settings and Technical Specifications
406
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
IPv4 LAN, DMZ, and routing settings
LAN IPv4 address for the default VLAN
192.168.1.1
LAN IPv4 subnet mask for the default VLAN
255.255.255.0
VLAN 1 membership
All ports
LAN DHCP server for the default VLAN
Enabled
LAN DHCP IPv4 starting address for the default VLAN
192.168.1.100
LAN DHCP IPv4 ending address for the default VLAN
192.168.1.254
VLAN MAC addresses
All LAN ports share the same MAC
address
Broadcast of ARP packets
Enabled for the default VLAN
DMZ port for IPv4
Disabled
DMZ IPv4 address (Port 4)
172.16.2.1
DMZ IPv4 subnet mask (Port 4)
255.255.255.0
DMZ DHCP server
Disabled
DMZ DHCP IPv4 starting address
176.16.2.100
DMZ DHCP IPv4 ending address
176.16.2.254
RIP direction
None
RIP version
Disabled
RIP authentication
Disabled
IPv6 LAN and DMZ settings
LAN IPv6 address
fec0::1
LAN IPv6 prefix length
64
LAN DHCPv6 server
Disabled
DMZ port for IPv6
Disabled
DMZ IPv6 address (Port 4)
176::1
DMZ IPv6 prefix length (Port 4)
64
DMZ DHCPv6 server
Disabled
Table 100.
VPN firewall factory default configuration settings (continued)
Feature
Default Behavior
Page 407 / 469
Default Settings and Technical Specifications
407
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Firewall and security settings
Inbound LAN WAN rules (communications coming in from
the Internet)
All traffic is blocked, except for traffic
in response to requests from the LAN.
Outbound LAN WAN rules (communications from the LAN
to the Internet)
All traffic is allowed.
Inbound and outbound DMZ WAN rules
None
Inbound and outbound LAN DMZ rules
None
Respond to ping on WAN (Internet) ports
Disabled
Stealth mode
Enabled
TCP flood
Enabled
UDP flood
Enabled
Respond to ping on LAN ports
Disabled
IPv4 VPN pass-through for IPSec in NAT mode
Enabled
IPv4 VPN pass-through for PPTP in NAT mode
Enabled
IPv4 VPN pass-through for L2TP in NAT mode
Enabled
IPv6 VPN pass-through for IPSec
Enabled
Multicast pass-through for IGMP
Disabled
Session limits
Disabled
TCP time-out
1200 seconds
UDP time-out
180 seconds
ICMP time-out
8 seconds
SIP ALG
Disabled
Source MAC filtering
Disabled
IP/MAC bindings
Disabled
Port triggering rules
None
UPnP
Disabled
Bandwidth profiles
None
QoS profiles (for IPv4 firewall rules)
None
Table 100.
VPN firewall factory default configuration settings (continued)
Feature
Default Behavior
Page 408 / 469
Default Settings and Technical Specifications
408
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
QoS priorities (for IPv6 firewall rules)
Normal-Service
Minimize-Cost
Maximize-Reliability
Maximize-Throughput
Minimize-Delay
Content filtering
Disabled
Proxy server blocking
Disabled
Java applets blocking
Disabled
ActiveX controls blocking
Disabled
Cookies blocking
Disabled
Blocked keywords
None
Trusted domains
All
VPN IPsec Wizard: IKE policy settings for IPv4 and IPv6 gateway-to-gateway tunnels
Exchange mode
Main
ID type
Local WAN IP address
Local WAN ID
Local WAN IP address
Remote WAN ID
Not applicable
Encryption algorithm
3DES
Authentication algorithm
SHA-1
Authentication method
Pre-shared Key
Key group
DH-Group 2 (1024 bit)
Life time
8 hours
VPN IPsec Wizard: VPN policy settings for IPv4 and IPv6 gateway-to-gateway tunnels
Encryption algorithm
3DES
Authentication algorithm
SHA-1
Life time
1 hour
Key group
DH-Group 2 (1024 bit)
NetBIOS
Enabled
Table 100.
VPN firewall factory default configuration settings (continued)
Feature
Default Behavior
Page 409 / 469
Default Settings and Technical Specifications
409
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
VPN IPsec Wizard: IKE policy settings for IPv4 gateway-to-client tunnels
Exchange mode
Aggressive
ID type
FQDN
Local WAN ID
remote.com
Remote WAN ID
local.com
Encryption algorithm
3DES
Authentication algorithm
SHA-1
Authentication method
Pre-shared Key
Key group
DH-Group 2 (1024 bit)
Life time
8 hours
VPN IPsec Wizard: VPN policy settings for IPv4 gateway-to-client tunnels
Encryption algorithm
3DES
Authentication algorithm
SHA-1
Life time
1 hour
Key group
DH-Group 2 (1024 bit)
NetBIOS
Disabled
RADIUS settings
Primary RADIUS server
Disabled and none configured
Secondary RADIUS server
Disabled and none configured
RADIUS time-out period
30 seconds
RADIUS maximum retry count
4
SSL VPN settings
SSL VPN IPv4 client address range
192.168.251.1–192.168.251.254
SSL VPN IPv6 client address range
4000::1–4000::200
User, group, and domain settings
default domain
geardomain
default group
geardomain
default users, default passwords
admin, password
guest, password
Table 100.
VPN firewall factory default configuration settings (continued)
Feature
Default Behavior
Page 410 / 469
Default Settings and Technical Specifications
410
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Physical and Technical Specifications
The following table shows the physical and technical specifications for the VPN firewall:
Administrative and monitoring settings
Secure HTTP management
Enabled
Telnet management
Disabled
Traffic meter
Disabled
SNMP
Disabled
Time zone
GMT
Time zone adjusted for daylight saving time
Disabled
Routing logs
Disabled
System Logs
Disabled
Other event logs
Disabled
Email logs
Disabled
Syslogs
Disabled
IPSec VPN logs
Enabled
SSL VPN logs
Enabled
Table 101.
VPN firewall physical and technical specifications
Feature
Specification
Network protocol and standards compatibility
Data and Routing Protocols
TCP/IP, RIP-1, RIP-2, PPP over Ethernet (PPPoE),
DHCP, DHCPv6
Power adaptor
Universal input
100–240V, AC/50–60 Hz, 1.2 Amp maximum
Dimensions and weight
Dimensions (W x H x D)
33 x 4.3 x 20.9 cm (13 x 1.7 x 8.2 in)
Weight
2.1 kg (4.8 lb)
Table 100.
VPN firewall factory default configuration settings (continued)
Feature
Default Behavior
19216811.live