Juniper SRX210HE2, Quick Start Manual

Page: 4 / 6

Page 4
10. Click Download Now to retrieve your licenses. A pop-up window appears displaying
the license information.
11. Review the downloaded licenses. Click OK and then Next .
12. Proceed to Task 8.
Task 7: Configure the Settings in Guided Setup Mode (Method 2)
Before you begin the configuration process, obtain a static IP address on your services
gateway. Use the port labeled
0/0 (interface ge-0/0/0) to connect to your ISP. Your ISP
will have provided a static IP address. You will not receive an IP address using the DHCP
process.
NOTE: It is mandatory to configure only the device name and root password. You can
skip all the other steps by clicking Next to go directly to the Confirm & Apply page to
apply the configuration (Task 8).
1. From the Welcome page, click Guided Setup and click Next . The Experience Level
page appears.
2. Select one of the following icons that best identifies your experience level, and click
Next :

Basic

Expert
The following table compares the Basic and Expert levels:
3. Configure the basic options:
a. Enter the device name and root password on the Device Information page.
NOTE: As you type in the password, the password evaluator indicates the
password strength. We recommend that you use a strong password, which
should contain 12 or more characters and include uppercase and lowercase
letters, numbers, and symbols.
b. To add users, click Add . Enter the username, password, and role. Click Done .
The username appears in the Administrative Accounts list box.
c. Click Next . The Device Time page appears.
d. Configure the system time by using one of the following options:

Time Server - Enter the NTP server name or IP address.

Manual - Enter the date and time.
e. Click Next . The Summary page appears displaying the basic device information
configured.
f. Click Next . The Security Topology Overview page appears.
4. Configure the security topology:
a. From the Security Topology Overview page, click Next . The Internet Zone
Setup Page appears.
b. Choose whether your internal network is connected to the Internet, and click
Next .
c. Select the device (SRX) to configure the Point-to-Point Protocol over Ethernet
(PPPoE) connection, and click
Next . The Configuration page appears.
NOTE: If you select Not Applicable or DSL Modem, then a plain IP is
configured. Proceed to step e.
d. Type the username and password. Confirm the password, and click Next .
e. Configure the Internet zone. Select the Static option . Click Add IP to enter the
static IP address provided by your ISP, and click Done . Select the port to use,
and click Next . The DMZ Setup page appears.
f. If you are using the DMZ, click Yes and configure the DMZ for your network by
following the onscreen instructions. Otherwise, click No and proceed to Step g.
g. From the Internal Zone Setup page, select the topology that best represents
your network, and click
Next .
h. Configure the internal zones. Type the name for the zone, select the port to use
with this zone, and click
Next .
i. Configure the DHCP server for the internal zone. Click Done . The Summary
page appears displaying the details for the security topology configuration.
j. Click Next . The Security Policy Overview page appears.
5. Configure the security policy:
The Security Policy section allows you to configure policies between the Internet,
the DMZ, and internal zones.
NOTE: The wizard recommends security policies based on the security topology
you have defined.
a. From the Security Policy Overview page, click Next . The Licenses page
appears.
b. Download the license. Refer to Step 8 through Step 11 of Task 6.
c. If you have configured the DMZ, configure the DMZ policy for the traffic
between the Internet zone and the DMZ. Click
Next .
d. Configure the internal policy for the traffic between the Internet zone and the
internal zones. Click
Next .
e. If you have configured the DMZ, configure the DMZ policy for the traffic
between the internal zone and the DMZ.
f. Configure the security policy for the Device Management interface by zone.
Basic Expert
Can configure only three internal zones Can configure more than three internal
zones
Can configure static and dynamic IP for the Internet
zone Can configure static IP, static pool, and
dynamic IP for the Internet zone
Cannot configure internal zone service Can configure internal zone service
Cannot configure internal destination NAT Can configure internal destination NAT