dimanche 29 juillet 2012

Juniper SSG Initial configuration

Juniper SSG Initial configuration

1. Access SSG by running http://192.168.1.1.
 2. In Rapid Deployment Wizard, make sure No, use the Initial Configuration Wizard instaed and click Next.



2. Follow the Wizard to configure it.


3. Assign administrator username and password. you may want to check HTTP Redirect to HTTPS.


4. Choose the interfaces.


5. Enter IP information accordingly.


6. After finishing, you will see the configuration summary.

Publié par à Aucun commentaire:

How to use mapped IP to allow inbound traffic to reach private address

How to use mapped IP to allow inbound traffic to reach private address

1. Logon juniper SSG.
2. Open Interface from Network.

3. Click Edit in untrust/etherent1.

4. Click on MIP and then New.

5. Mapped IP is public IP address and Host IP is private IP address. since this is from untrust zone to trust zone, the Host Virtual Router name should be trust-vr.

6. Aftersave teh settings, it looks like this:

7. Follow this article to forward ports.

How to forward ports in Juniper SSG

How to forward ports in Juniper SSG. There are 3 steps to configure JuniperSSG to forward a port. Create a custom object in Juniper SSG ...
www.howtonetworking.com/Routers/ssgportforward0.htm

Publié par à Aucun commentaire:
How to forward ports in Juniper SSG

There are 3 steps to configure Juniper SSG to forward a port.

Create a custom object in Juniper SSG

How to forward ports in Juniper SSG - Creating a custom object

1. Login SSG.
2. Navigate Object>Services>Custom.
3. Check the protocol, and type other information such as Service name and port #. Note: the Source Port should be between 0 to 65535.
4. Click OK to save it.




Create a Policy in Juniper SSG

How to forward ports in Juniper SSG - Create a Policy

1. Login SSG.
2. Navigate Policies
3. Select Untrust from and Trust to.
4. Click new.
5. Source Address is Any.
6. Destination Address is the VIP you created, for example VIP (ethernet0/0)
7. Select the Service from predefine or custom.
8. Click OK to save it.



Create a Virtual IP on Juniper SSG

How to forward ports in Juniper SSG -  Create a Virtual IP

1. Login SSG.
2. Navigate Network>Interface>List.
3. In the List windows, click edit in ethernet0/0.


4. Click VIP.
5. In the Virtual I, enter the public IP address of the WAN.
6. Virtual Port is the port you want to forward.
7. Map the Service, predefine or custom service.
 8. Map to IP is the computer you will forward to.
9. Click OK to save it.



After these 3 steps, you should have a policy to forward a port to a computer.

Publié par à Aucun commentaire:

How to create a object group in Juniper SSG

How to create a object group in Juniper SSG

In a case you need to manage a group IP addresses, you can create address object group. To do that please follow these steps.

1. Login SSG.
2. Create a address object first.
3. Navigate Object>Addresses>Group.
3. Select a filter, DMZ in our case.
4. Click new.
5. add all addresses' objects and click OK to save it.



6. After closing, you should have a new object group.

Publié par à Aucun commentaire:

How to create an address object in Juniper SSG

How to create an address object in Juniper SSG

In a case you need to manage an IP address, you can create address object. To do that please follow these steps.

1. Login SSG.
2. Navigate Object>Addresses>List.
3. Select a filter, DMZ in our case.
4. Click new.


4. Assuming you want to create abject for an IP phone QoS, enter Address Name and IP information.


5. Continue to make other address object. When finishing, you should see all addresses' objects.

Publié par à Aucun commentaire:

How to configure WAN (etherenet0/0) in Juniper SSG

How to configure WAN (etherenet0/0) in Juniper SSG

1. Login SSG.
2. Click DHCP.
3. Select ethernet0/0.
4. Make sure None is checked.


5. Navigate Network>Interface>List.
6. Choose ethernet0/0.
7. Check Static IP and assign IP information. Note: you don't have option to assign default gateway in this windows.


8. Navigate Network>Routing and click New.
9. Assign gateway inforamtion.

Publié par à Aucun commentaire:

How to change WAN IP address on Juniper SSG5

How to change WAN IP address on Juniper SSG5

in our example, our client is changing his ISP from Comcast to AT@T. Out goal is changing the new WAN IP address on the Juniper SSG5 without changing any inside private IP addresses and network configuration.

1. Open SSG from web browser, for example, http://10.0.0.2:8080.
2. Navigate to Network>Interface>List.
3. In our example, bgroup0 and all ethernet0/2 to 0/6 are LAN ports. The ethernet0/0 is for WAN connecting to the AT@T modem.  Other ports are not used. Click Edit on the ethernet0/0.


4. In the Properties of Basic, make sure the Zone Name is Untrust. Enter the ATT IP address to replace Comcast IP address. Make sure you have correct /#. For more information about /#, please check this link: IPv4 Subnet Chart. Click Apply to save the settigns.

5. If you have port forwarding, please click VIP to check the new IP address is correct and all forwarding configuration is correct.

6. To change the Routing, navigate to Network>Routing>Destination. Click Remove on the Comcast IP.

7. Then click New on the top right. Enter 0.0.0.0 /0 for IP Address/Network since we want to access the Internet. Enter the AT&T default gateway to replace Comcast gateway IP. Click OK to save the settings.
;

8. You may want to change the DNS also. Click DNS>Host under Network. Make the change accordingly.

9. You may need to reboot the Juniper SSG5 to take the new configuration.
Publié par à Aucun commentaire:
Inscription à : Articles (Atom)