manualshive.com logo in svg

Juniper SRX550, Hardware Manual

The Juniper SRX550 is a high-performance security gateway designed for medium to large enterprise networks. To better understand this powerful device, be sure to download the free Hardware Manual from our website. This manual provides comprehensive information on how to maximize the capabilities of your SRX550.

Share
Download
background image

Table 33: Default Interface Configuration for the Services Gateway (continued)

Address

DHCP

State

Security

Zone

Connector

Interface

Port Label

Server

Trust

RJ-45

ge-0/0/4

0/4

Server

Trust

RJ-45

ge-0/0/5

0/5

No default Configuration

ge-0/0/6

0/6

ge-0/0/7

0/7

ge-0/0/8

0/8

ge-0/0/9

0/9

By default, the security policies and NAT rules in

Table 34 on page 118

and

Table 35 on page 118

are created

on the SRX Series security policies.

Table 34: Security Policies

Policy Action

Destination Zone

Source Zone

Permit

Untrust

Trust

Table 35: NAT Rule

NAT Action

Destination Zone

Source Zone

Source NAT to untrust zone

interface

Untrust

Trust

For example, a common default firewall configuration includes the following assumptions:

The protected network is connected to the interfaces ge-0/0/1 (port 0/1) through interface ge-0/0/5

(port 0/5) in the trust zone.

Connectivity to the Internet is through the interface ge-0/0/0 (port 0/0) in the untrust zone.

The IP address of the ge-0/0/0 interface is assigned via DHCP.

NOTE:

The interfaces ge-0/0/1 (port 0/1) through ge-0/0/5 interface (port 0/5) are a part of

the default VLAN. The protected hosts can be connected to any of the ports that are part of the

default VLAN.

118

Summary of Contents for SRX550

Page 1: ...SRX550 Services Gateway Hardware Guide Published 2020 12 16...

Page 2: ...re Guide Copyright 2020 Juniper Networks Inc All rights reserved The information in this document is current as of the date on the title page YEAR 2000 NOTICE Juniper Networks hardware and software pr...

Page 3: ...way Hardware Features 3 SRX550 Services Gateway Software Features and Licenses 4 SRX550 Services Gateway Power over Ethernet 9 Accessing the SRX550 Services Gateway 11 Hardware Component Overview 12 S...

Page 4: ...Maintenance of the SRX550 Services Gateway 45 Cabinet Requirements 47 SRX550 Services Gateway Cabinet Size and Clearance Requirements 47 SRX550 Services Gateway Cabinet Airflow Requirements 48 Power...

Page 5: ...g Structure 68 Installing the Services Gateway 69 Installing the SRX550 Services Gateway in a Rack 69 Installing an AC Power Supply on the SRX550 Services Gateway 72 Installing a DC Power Supply on th...

Page 6: ...teway with a Configuration Editor 110 Displaying Basic Connectivity Configurations for the SRX550 Services Gateway 115 Built In Ethernet Ports for the SRX550 Services Gateway 116 Management Access for...

Page 7: ...e SRX550 Services Gateway 146 Installing a DC Power Supply on the SRX550 Services Gateway 148 Contacting Customer Support and Returning Components 152 Contacting Customer Support 152 Return Procedure...

Page 8: ...onal Safety Guidelines and Warnings 178 Battery Handling Warning 179 Jewelry Removal Warning 180 Lightning Activity Warning 182 Operating Temperature Warning 183 Product Disposal Warning 185 Electrica...

Page 9: ...Israel 202 Japan 203 United States 203 SRX550 Services Gateway Compliance Statements for NEBS 203 Lithium Battery 204 ix...

Page 10: ...product documentation page on the Juniper Networks website at https www juniper net documentation If the information in the latest release notes differs from the information in the documentation foll...

Page 11: ...1 From the HTML or PDF version of the manual copy a configuration example into a text file save the file with a name and copy the file to a directory on your routing platform For example copy the foll...

Page 12: ...platform commit file ex script snippet xsl 2 Move to the hierarchy level that is relevant for this snippet by issuing the following configuration mode command edit user host edit system scripts edit...

Page 13: ...text and syntax conventions used in this guide Table 2 Text and Syntax Conventions Examples Description Convention To enter configuration mode type the configure command user host configure Represent...

Page 14: ...default metric metric Encloses optional keywords or variables angle brackets broadcast multicast string1 string2 string3 Indicates a choice between the mutually exclusive keywords or variables on eit...

Page 15: ...tem Click TechLibrary Feedback on the lower right of any page on the Juniper Networks TechLibrary site and do one of the following Click the thumbs up icon if the information on the page was helpful t...

Page 16: ...niper net Find product documentation https www juniper net documentation Find solutions and answer questions using our Knowledge Base https kb juniper net Download the latest versions of software and...

Page 17: ...1 PART Overview System Overview 2 Hardware Component Overview 12 Chassis Description 14 Interface Module Description 24 Cooling System Description 27 Power System Description 28...

Page 18: ...550 Services Gateway is a mid range dynamic services gateway that consolidates network infrastructure and security applications for regional offices large branch offices and small to medium enterprise...

Page 19: ...ports Four on board SFP Gigabit Ethernet ports Support for dual AC or dual DC power supplies with a redundant configuration in the chassis 645 W AC and DC power supplies with or without Power over Eth...

Page 20: ...hassis 14 Physical Interface Modules SRX550 Services Gateway Software Features and Licenses The services gateway provides the software features listed in Table 3 on page 5 NOTE Some software features...

Page 21: ...extensions BGP extensions Static routes NOTE CLNS is available only in packet based mode MPLS Layer 2 and Layer 3 virtual private networks VPNs VPN routing and forwarding VRF table labels Traffic eng...

Page 22: ...E Circuit cross connect CCC Translational cross connect TCC Encapsulation Synchronous Point to Point Protocol PPP Frame Relay High Level Data Link Control HDLC 802 1Q filtering and forwarding Multilin...

Page 23: ...sed on file types and types of files within HTTP and HTTPS Unified threat management UTM Network attack detection Denial of service DoS and distributed denial of service DDoS protection Generic routin...

Page 24: ...For services gateway configuration and management through the console through Telnet or SSH Simple Network Management Protocol version 1 SNMPv1 SNMPv2 and SNMPv3 Network and Security Manager NSM J Fl...

Page 25: ...TION SRX550 Services Gateway Description 2 SRX550 Services Gateway Hardware Features 3 SRX550 Services Gateway Power over Ethernet Power over Ethernet PoE supports the implementation of the IEEE802 3...

Page 26: ...slots 3 4 6 8 For more information see SRX550 Services Gateway Front Panel on page 15 Supported slots The 645 W AC and 645 W DC power supplies support the following capacities 255 W PoE on a single p...

Page 27: ...to operate a services gateway without commands The J Web interface provides access to all Junos OS functionality and features Junos OS command line interface CLI Juniper Networks command shell that r...

Page 28: ...ere is file system corruption and facilitate easy recovery of the corrupted file system The dual root partitioning scheme keeps the primary and backup Junos OS images in two independently bootable roo...

Page 29: ...TED DOCUMENTATION Installation Overview for the SRX550 Services Gateway 60 Required Tools and Parts for Installing the SRX550 Services Gateway 61 SRX550 Services Gateway Basic Connectivity Overview 95...

Page 30: ...the physical specifications for the services gateway Table 5 Physical Specifications for the SRX550 Services Gateway Value Physical Specification 2 rack units U Chassis height 17 5 in 44 4 cm Chassis...

Page 31: ...eway 77 General Electrical Safety Guidelines and Warnings SRX550 Services Gateway Front Panel Figure 2 on page 15 shows the front panel of the SRX550 Services Gateway Figure 2 SRX550 Services Gateway...

Page 32: ...of the front chassis panel AUX Port 4 Both slots support Mini PIMs Left side of the front chassis panel 2 Mini PIM slots numbered 1 and 2 5 All slots support GPIMs Slot 3 supports 10 gigabit XPIMs Slo...

Page 33: ...s panel USB 0 and USB 1 ports 9 Use the Power button to shut down the services gateway On a services gateway that has been previously shut down using the Power button when the power button is pressed...

Page 34: ...de of the front chassis panel lower edge 6 fixed Gigabit Ethernet ports Port labeled 0 0 Port labeled 0 1 Port labeled 0 2 Port labeled 0 3 Port labeled 0 4 Port labeled 0 5 Provides link speeds of 10...

Page 35: ...ELATED DOCUMENTATION SRX550 Services Gateway Front Panel LEDs 19 SRX550 Services Gateway Chassis 14 SRX550 Services Gateway Back Panel 22 SRX550 Services Gateway Front Panel LEDs Figure 4 on page 19 s...

Page 36: ...the system is up and running if the ALARM LED is off it indicates that no alarms are active on the device Unlit Off The services gateway is functioning normally Green On Steadily STATUS The services...

Page 37: ...MPIM 2 The Mini PIM hardware in the corresponding slot has failed or its anti counterfeit check failed Red There is no Mini PIM in the corresponding slot or that the Mini PIM is not detected by the d...

Page 38: ...Location Component Number Power supplies are hot swappable and support single or dual redundant power supply versions If you need to power off the services gateway after it finishes booting first use...

Page 39: ...lower edge Storage slot 4 While working on the services gateway use the ESD outlet to plug in an ESD grounding strap to prevent any damage to the services gateway Connector for an ESD wrist band Right...

Page 40: ...AN Interface Module Terminology GPIM The Gigabit Backplane Interface Module GPIM includes standard GPIMs that can be installed in a single high single wide GPIM slot that has gigabit connectivity to t...

Page 41: ...Modules and Compatibility For details about the supported GPIMs and XPIMs see the SRX Series Services Gateways for the Branch Physical Interface Modules Hardware Guide Figure 7 on page 25 Figure 8 on...

Page 42: ...s a network interface card that is installed in the services gateway to provide physical connections to a LAN or WAN The Mini PIMs supported on the services gateway are field replaceable units FRUs wh...

Page 43: ...device Under normal operating conditions the fans function at lower than full speed If any one of the four fans fails the services gateway generates a warning but keeps the system running If the temp...

Page 44: ...plies either both AC or both DC will load share and provide power redundancy to the services gateway increasing its availability and reliability If one power supply fails or is removed the other power...

Page 45: ...Figure 11 DC Power Supply The power supplies provide different output wattage to the services gateway components according to the voltage requirements of the components The power supply components ar...

Page 46: ...10 W PoE using the two power supply option operating as nonredundant NOTE Using the two power supply options operating as nonredundant for up to 510 W PoE the administrator has the ability to prioriti...

Page 47: ...d B B Feed B 48VDC connection for Feed B B RELATED DOCUMENTATION SRX550 Services Gateway Chassis 14 SRX550 Services Gateway Front Panel 15 SRX550 Services Gateway Back Panel 22 SRX550 Services Gateway...

Page 48: ...2 PART Site Planning and Specifications Planning and Preparing the Site 33 Rack Requirements 38 Cabinet Requirements 47 Power Requirements and Specifications 49 Cable Specifications and Pinouts 56...

Page 49: ...SRX550 Services Gateway Table 11 Site Preparation Checklist for SRX550 Services Gateway Installation Notes Date Performed By Additional Information Item or Task Power SRX550 Services Gateway Electrica...

Page 50: ...ervices Gateway Spacing of Mounting Bracket and Flange Holes on page 44 Plan rack location including required space clearances Connecting the SRX550 Services Gateway to the Building Structure on page...

Page 51: ...ng precautions help you plan an acceptable operating environment for your SRX550 Services Gateway and avoid environmentally caused equipment failures For the cooling system to function properly the ai...

Page 52: ...ications Table 12 on page 36 provides the required environmental conditions for normal SRX550 Services Gateway operations In addition the site must be as dust free as possible because dust can clog ai...

Page 53: ...ese specifications are estimates and subject to change Maximum thermal output NOTE Install the services gateway only in restricted areas such as dedicated equipment rooms and equipment closets in acco...

Page 54: ...Spacing of Mounting Bracket and Flange Holes 44 Clearance Requirements for Airflow and Hardware Maintenance of the SRX550 Services Gateway 45 Rack Mounting Requirements and Warnings Ensure that the e...

Page 55: ...39...

Page 56: ...keren De Juniper Networks services gateway moet in een stellage worden ge nstalleerd die aan een bouwsel is verankerd Dit toestel dient onderaan in het rek gemonteerd te worden als het toestel het eni...

Page 57: ...ten dieser Einheit in einem Gestell m ssen Sie besondere Vorkehrungen treffen um sicherzustellen da das System stabil bleibt Die folgenden Richtlinien sollen zur Gew hrleistung Ihrer Sicherheit dienen...

Page 58: ...ylt skal kabinettet lastes fra bunnen og opp med den tyngste komponenten nederst i kabinettet Hvis kabinettet er utstyrt med stabiliseringsutstyr skal stabilisatorene installeres f r montering eller u...

Page 59: ...ices gateway m ste installeras i en st llning som r f rankrad i byggnadens struktur Om denna enhet r den enda enheten p st llningen skall den installeras l ngst ned p st llningen Om denna enhet instal...

Page 60: ...e mounting brackets and flange holes on the rack and device mounting brackets are as follows The holes within each rack set are spaced at 2U 3 5 in or 8 89 cm The services gateway can be mounted in an...

Page 61: ...shows the direction of airflow through the chassis Figure 12 Airflow Through the Chassis For service personnel to remove and install hardware components there must be adequate space at the front and...

Page 62: ...front mounting flange and rack or cabinet edge Space for the cooling system to function properly and to maintain unrestricted airflow around the chassis 6 0 in 15 24 cm Between both sides of the chas...

Page 63: ...holes in the mounting brackets chassis are spaced 1 25 in 3 2 cm apart measured from the center of the hole When selecting a cabinet ensure that the physical characteristics of the cabinet comply wit...

Page 64: ...ply you provide through the cabinet can adequately dissipate the thermal output of the services gateway Install the services gateway as close as possible to the front of the cabinet so that the cable...

Page 65: ...able Specifications 53 SRX550 Services Gateway DC Power Supply Electrical Specifications 54 SRX550 Services Gateway Power Requirements 54 SRX550 Services Gateway Electrical Wiring Guidelines Table 14...

Page 66: ...electrical surge suppression devices Strong sources of electromagnetic interference EMI can cause the following damage Destroy the signal drivers and receivers in the device Conduct power surges over...

Page 67: ...tely 14 75 ft in length to comply with National Electrical code NEC Section 400 8 NFPA 75 5 2 2 and 210 52 and Canadian Electrical Code CEC Section 4 010 3 Table 15 on page 51 provides power cord spec...

Page 68: ...w and Hardware Maintenance of the SRX550 Services Gateway 45 SRX550 Services Gateway Electrical Wiring Guidelines 49 Site Preparation Checklist for the SRX550 Services Gateway 33 SRX550 Services Gatew...

Page 69: ...roper polarity The power source cables might be labeled and to indicate their polarity There is no standard color coding for DC power cables The color coding used by the external DC power source at yo...

Page 70: ...rating range 40 to 72 VDC DC input voltage 16 A at 48 VDC DC system current rating RELATED DOCUMENTATION SRX550 Services Gateway Power Supply 28 Clearance Requirements for Airflow and Hardware Mainten...

Page 71: ...s gateway RELATED DOCUMENTATION SRX550 Services Gateway Power Supply 28 Clearance Requirements for Airflow and Hardware Maintenance of the SRX550 Services Gateway 45 Site Preparation Checklist for the...

Page 72: ...age 56 lists the specifications for the cables that connect to ports on the services gateway Table 19 Cable and Wire Specifications for Ports and Alarm Interfaces Device Receptacle Maximum Length Cabl...

Page 73: ...et cable for connecting the services gateway to a management LAN or other device that supports out of band management Table 20 on page 57 describes the RJ 45 connector pinouts for the Ethernet port Ta...

Page 74: ...page 58 describes the RJ 45 connector pinouts for the console port Table 21 RJ 45 Connector Pinouts for the Services Gateway Console Port Description Signal Pin Request to Send RTS 1 Data Terminal Re...

Page 75: ...he Services Gateway 64 Installing the Mounting Hardware 67 Installing the Services Gateway 69 Grounding the SRX550 Services Gateway 76 Connecting the SRX550 Services Gateway to External Devices 79 Pro...

Page 76: ...stallation process in the following order 1 Review the safety guidelines explained in General Electrical Safety Guidelines and Warnings 2 Prepare the services gateway for installation as described in...

Page 77: ...ls and Parts for Installing the SRX550 Services Gateway To install the services gateway you need the following tools and parts Phillips screwdriver number 2 Tie wrap Electrostatic discharge ESD ground...

Page 78: ...el Les installasjonsinstruksjonene f r systemet kobles til str mkilden Aviso Leia as instru es de instala o antes de ligar o sistema sua fonte de energia Atenci n Ver las instrucciones de instalaci n...

Page 79: ...configuration server in the network and have a service available typically Dynamic Host Configuration Protocol DHCP to assign an IP address to the services gateway Autoinstallation begins automatical...

Page 80: ...ipped in a cardboard carton and secured with foam packing material The carton also contains an accessory box and quick start instructions NOTE The services gateway is maximally protected inside the ca...

Page 81: ...s missing contact your customer service representative or contact Juniper customer care from within the U S or Canada by telephone at 1 888 314 5822 For international dial or direct dial options in co...

Page 82: ...priate for your geographical location Two power supplies must be installed in the services gateway for redundancy A second power supply and additional power supplies are separately orderable and do no...

Page 83: ...ollowing parts available in your rack mounting kit for the SRX550 Services Gateway Rack mounting brackets Eight mounting screws to attach the mounting brackets to the chassis of the services gateway F...

Page 84: ...f your geographical area is subject to earthquakes bolt the rack to the floor For maximum stability also secure the rack to ceiling brackets RELATED DOCUMENTATION General Site Installation Guidelines...

Page 85: ...of racks are acceptable including four post telco racks enclosed cabinets and open frame racks NOTE If you are installing multiple devices in one rack install the lowest one first and proceed upward...

Page 86: ...e sides of the services gateway lift it and position it in the rack 4 Align the bottom hole in each mounting bracket with a hole in each rack rail making sure the chassis is level 5 Have a second pers...

Page 87: ...n one side of the rack are aligned with the mounting screws on the opposite side and that the services gateway is level RELATED DOCUMENTATION Installation Overview for the SRX550 Services Gateway 60 S...

Page 88: ...ith any adjacent power supply faceplate see Figure 17 on page 72 3 Attach the power cord to the power supply 4 Route the power cord along the cable restraint toward the left or right corner of the cha...

Page 89: ...our bare wrist and connect the strap to one of the ESD points on the chassis For more information about ESD see Preventing Electrostatic Discharge Damage to the SRX550 Services Gateway 3 Orient the po...

Page 90: ...cables might be labeled and to indicate their polarity There is no standard color coding for DC power cables The color coding used by the external DC power source at your site determines the color cod...

Page 91: ...people could trip on them 11 Remove the tape from the switch handle of the circuit breaker on the panel board that services the DC circuit and switch the circuit breaker to the on position Observe th...

Page 92: ...lectrician must attach a cable lug to the grounding and power cables that you supply A cable with an incorrectly attached lug can damage the services gateway for example by causing a short circuit To...

Page 93: ...ple Panduit LCC6 10A L CAUTION Before services gateway installation begins a licensed electrician must attach a cable lug to the grounding and power cables that you supply A cable with an incorrectly...

Page 94: ...verify that it does not touch or block access to the services gateway components and that it does not drape where people could trip on it RELATED DOCUMENTATION Preventing Electrostatic Discharge Damag...

Page 95: ...ay End 85 Organizing Interface Cables on the SRX550 Services Gateway Arrange network cables as follows to prevent them from dislodging or developing stress points Secure cables so that they are not su...

Page 96: ...RJ 45 to DB 9 serial port adapter NOTE Most modems have an RS 232 DB 25 connector You must separately purchase an adapter to connect your modem to the RJ 45 to DB 9 adapter and Ethernet cable 5 Connec...

Page 97: ...Services Gateway from the CLI with the USB Console Port You can connect your management station to the USB console port on the services gateway and use the CLI to configure the services gateway as sh...

Page 98: ...ware will fail to install In such a case it is recommended that you uninstall the USB console driver and then reinstall it e Click OK when the installation is complete 3 Plug the large end of the USB...

Page 99: ...required at initial connection but you must assign a root password before committing any configuration settings RELATED DOCUMENTATION Connecting to the SRX550 Services Gateway from the J Web Interface...

Page 100: ...connected to the console port on the services gateway type ATDT remote modem number For example if the phone number of the modem connected to the console port on the services gateway is 0019785551234...

Page 101: ...teway end 1 Connect the modem to the management device a desktop or laptop computer 2 Power on the modem 3 From the management device start your asynchronous terminal emulation application such as Mic...

Page 102: ...gnals type AT D1 8 To disable flow control type AT K0 9 To save modem settings type AT W RELATED DOCUMENTATION Connecting to the SRX550 Services Gateway from the CLI Remotely 104 Connecting the Modem...

Page 103: ...h PoE support ships with the SRX550 Services Gateway You connect AC power to the services gateway by attaching the power cord from the AC power source to the AC appliance inlet located on the power su...

Page 104: ...fy that the power cord does not block the air exhaust and access to services gateway components or drape where people could trip on it NOTE The services gateway must be connected to earth ground durin...

Page 105: ...ing an AC Power Cord on the SRX550 Services Gateway 3 Insert the power cord plug into an external AC power source receptacle 4 Route the power cord along the cable restraint toward the left or right c...

Page 106: ...are labeled B and B You do not need to use both feeds if you only have one DC power source or if you do not want to use feed redundancy you can connect just one feed To connect the DC source power ca...

Page 107: ...power cables that attach to the terminals on the power supply 5 Connect DC power cables to the A and A terminals a Remove the screws and square washers from the A and A terminals Use a Phillips screw...

Page 108: ...bles are connected correctly that they are not touching or blocking access to services gateway components and that they do not drape where people could trip on them NOTE The services gateway must be c...

Page 109: ...r cables to the B and B terminals and the other ends to an external DC power source CAUTION You must ensure that power connections maintain the proper polarity The power source cables might be labeled...

Page 110: ...nds before turning it off If the system is completely powered off when you turn on the power supply the services gateway starts as the power supply completes its startup sequence If the services gatew...

Page 111: ...r the SRX550 Services Gateway 115 Built In Ethernet Ports for the SRX550 Services Gateway 116 Management Access for the SRX550 Services Gateway 119 SRX550 Services Gateway Basic Connectivity Overview...

Page 112: ...port Ethernet cable If you are performing the initial configuration with the J Web setup wizard gather the following equipment Management device such as a desktop or laptop computer with a serial port...

Page 113: ...unctuation marks numbers and other special characters Control characters are not recommended For more information see the Configuration Guides for Junos OS Public Sector Certifications Initially the r...

Page 114: ...P to provide accurate timestamps for system log messages For more information see the Configuration Guides for Junos OS Public Sector Certifications You define the time zone for the location where you...

Page 115: ...terface ge 0 0 1 on the services gateway see Figure 25 on page 99 Figure 25 Connecting to the Ethernet Port on the SRX550 Services Gateway g034115 1 From the management device such as a desktop or lap...

Page 116: ...the Password field 10 Press Enter The J Web setup wizard appears NOTE The upper left area of the wizard page shows where you are in the setup process Click a field in the wizard page to display inform...

Page 117: ...ed The services gateway uses the SSL protocol to provide secure management of services gateways through the J Web interface SSL uses public private key technology which requires a paired private key a...

Page 118: ...n Editor 110 Connecting to the SRX550 Services Gateway from the CLI Locally To use the CLI to configure the SRX550 Services Gateway you must connect through the console port as shown in Figure 27 on p...

Page 119: ...on page 102 5 Connect the other end of the Ethernet cable to the console port on the services gateway see Figure 27 on page 102 6 Turn on the power to the management device 7 Start your asynchronous...

Page 120: ...ateway to the CLI from a remote location through two dial up modems A modem that is connected to the console port on the services gateway A second modem that is connected to a remote management device...

Page 121: ...x220h poe factory conf srx110b va defaults conf srx220h2 defaults conf srx110b va factory conf srx220h2 factory conf srx110b vb defaults conf srx220h2 poe defaults conf srx110b vb factory conf srx220h...

Page 122: ...g file name The following sample output displays the factory default configuration on an SRX550 Services Gateway Id Copyright c 2009 2011 Juniper Networks Inc All rights reserved system autoinstallati...

Page 123: ...interface vlan 0 xnm clear text name server 208 67 222 222 208 67 220 220 syslog archive size 100k files 3 interfaces ge 0 0 0 unit 0 ge 0 0 1 unit 0 family ethernet switching vlan members vlan trust...

Page 124: ...s vlan trust ge 0 0 4 unit 0 family ethernet switching vlan members vlan trust ge 0 0 5 unit 0 family ethernet switching vlan members vlan trust vlan unit 0 family inet address 192 168 1 1 24 security...

Page 125: ...200 source threshold 1024 destination threshold 2048 timeout 20 land zones security zone trust host inbound traffic system services all protocols all interfaces vlan 0 security zone untrust interface...

Page 126: ...interface vlan 0 protocols stp RELATED DOCUMENTATION SRX550 Services Gateway Basic Connectivity Overview 95 SRX550 Services Gateway Autoinstallation Overview 62 Configuring Basic Settings for the SRX5...

Page 127: ...CLI as the configuration editor Table 32 on page 111 summarizes the configuration tasks for the initial setup for both required and optional settings Table 32 Configuring Basic Settings Using the CLI...

Page 128: ...unrestricted access to the services gateway NOTE For readability the entire key is not shown Set the default gateway IP address and the next hop router address For example set interfaces ge 0 0 1 unit...

Page 129: ...e click Add Edit or Delete to configure VLANs Optional Configure interface groups VLANs Specify an interface other than a VLAN interface For example set interfaces ge 0 0 2 unit 0 family inet address...

Page 130: ...w the configuration on the Review Commit page Click Commit to save the configuration or click Back to make changes Required Commit the configuration NOTE After basic setup is configured the J Web setu...

Page 131: ...ivity settings select Configure System Properties System Identity Alternatively from configuration mode in the CLI enter the show command Review the following sample output Your output displays the va...

Page 132: ...110 Built In Ethernet Ports for the SRX550 Services Gateway You perform initial device setup through the six built in Gigabit Ethernet ports labeled 0 0 through 0 5 interfaces ge 0 0 0 through ge 0 0...

Page 133: ...ally assigned Client Untrust RJ 45 ge 0 0 0 NOTE If chassis clustering is enabled use this port as the management port fxp0 0 0 Ports 0 1 through 0 5 are grouped into a VLAN with IP address 192 168 1...

Page 134: ...Permit Untrust Trust Table 35 NAT Rule NAT Action Destination Zone Source Zone Source NAT to untrust zone interface Untrust Trust For example a common default firewall configuration includes the follo...

Page 135: ...must manually configure the IP address for the management port that you are using before you save your initial configuration When you save the configuration for the first time you will lose the connec...

Page 136: ...ccess For information about obtaining SSH software see http www ssh com and http www openssh com If you are using a Junos XML protocol server to configure and monitor devices you can activate cleartex...

Page 137: ...4 PART Maintaining and Troubleshooting Components Maintaining Components 122 Troubleshooting Components 125...

Page 138: ...taining the SRX550 Services Gateway Hardware Components The following tools and parts are required to maintain the hardware components of the services gateway Electrostatic bag or antistatic mat Elect...

Page 139: ...SRX550 Services Gateway Cooling System Components The services gateway fan controller works to maintain an optimal temperature for the services gateway If the fan controller fails the services gateway...

Page 140: ...cables connected to the services gateway are securely in place and that there is no moisture accumulating near the services gateway RELATED DOCUMENTATION Required Tools and Parts for Maintaining the...

Page 141: ...d line interface CLI is the primary tool for controlling and troubleshooting services gateway hardware the Junos OS routing protocols and network connectivity The CLI commands display information from...

Page 142: ...it indicates that no alarms are present on the device Left side of the front chassis panel ALARM The STATUS LED has the following indicator colors Green and steadily on indicates that the services ga...

Page 143: ...t functional Left side of the front chassis panel ACE Green and steadily on indicates that the redundant power supply is operating normally Red and steadily on indicates that one of the following cond...

Page 144: ...dition it lights the red or yellow alarm LED on the front panel as appropriate For a detailed description of the alarm condition issue the show chassis alarms CLI command There are two classes of alar...

Page 145: ...vices Gateway Chassis Components Alarm Severity Action Alarm Conditions Component Yellow minor If the internal flash fails at startup the services gateway automatically boots itself from the alternati...

Page 146: ...Center on page 138 The services gateway chassis temperature is too high Hardware components on the services gateway Red major Place your hand near the exhaust vents at the rear of the chassis to dete...

Page 147: ...eiving power and all AC and or DC power supply units PSUs are working properly On Green If you cannot determine the cause of the problem or need additional assistance while troubleshooting a services...

Page 148: ...er socket you are plugged into is in working condition Connect the power supply to a different power source with a new power cord or power cables If the power supply status LEDs indicate that the powe...

Page 149: ...rance Green DC OK AC One or more of the DC output voltages produced by the power supply are outside of tolerance Red The power supply is not receiving input power Unlit Normal indication No action is...

Page 150: ...power provided to the power supply is outside of tolerance Amber The power supply is not receiving input power Unlit RELATED DOCUMENTATION SRX550 Services Gateway Front Panel 15 Troubleshooting with...

Page 151: ...pressing and holding the RESET CONFIG button for 15 seconds or more until the STATUS LED blinks red deletes all configurations on the services gateway including the backup configurations and rescue co...

Page 152: ...actory defaults user host set chassis config button no rescue To disable the button and prevent the services gateway from resetting to either configuration enter the following command user host set ch...

Page 153: ...holding the RESET CONFIG button for 15 seconds or more until the STATUS LED blinks red deletes all configurations on the services gateway including the backup configurations and rescue configuration a...

Page 154: ...e using the Case Manager link at https www juniper net support or call 1 888 314 JTAC within the United States or 1 408 745 9500 outside the United States RELATED DOCUMENTATION Return Procedure for th...

Page 155: ...5 PART Replacing Components Overview of Replacing Components 140 Replacing Power System Components 142 Contacting Customer Support and Returning Components 152...

Page 156: ...ble 40 on page 140 Table 40 Tools and Parts Required for Replacing Services Gateway Hardware Components Components Tool or Part Cables and connectors 3 8 in nut driver or pliers Power supply Mini PIMs...

Page 157: ...Mini PIM or a GPIM see Physical Interface Modules RELATED DOCUMENTATION Replacing the AC Power Supply on the SRX550 Services Gateway 142 Replacing a DC Power Supply on the SRX550 Services Gateway 146...

Page 158: ...g and prevent thermal shutdown of the operating power supply unit each power supply slot must contain either a power supply or a blank panel If you remove a power supply you must install a replacement...

Page 159: ...it at least 60 seconds before turning it back on To remove an AC power supply 1 Switch off the dedicated facility circuit breaker for the power supply and remove the power cord from the AC power sourc...

Page 160: ...s fully seated in the chassis slot The power supply faceplate should be flush with any adjacent power supply faceplate see Figure 17 on page 72 3 Attach the power cord to the power supply 4 Route the...

Page 161: ...ect the AC power cord 1 Locate a replacement power cord with the type of plug appropriate for your geographical location 2 Connect the power cord to the power supply as shown in Figure 23 on page 89 F...

Page 162: ...supply on the SRX550 Services Gateway after disconnecting the power cord and removing the power supply already installed However redundant DC power supplies are hot swappble You need not power off th...

Page 163: ...emoval process 3 Attach an ESD grounding strap to your bare wrist and connect the strap to one of the ESD points on the chassis For more information about ESD see Preventing Electrostatic Discharge Da...

Page 164: ...wer is off locate the circuit breaker on the panel board that services the DC circuit switch the circuit breaker to off position O and tape the switch handle of the circuit breaker in the off position...

Page 165: ...a multimeter to verify the resistance of the 48V and RTN DC cables to chassis ground The cable with very large resistance indicating an open circuit to chassis ground will be 48V The cable with very l...

Page 166: ...er cables are connected correctly that they are not touching or blocking access to services gateway components and that they do not drape where people could trip on them 11 Remove the tape from the sw...

Page 167: ...RELATED DOCUMENTATION Preventing Electrostatic Discharge Damage to the SRX550 Services Gateway Required Tools and Parts for Replacing Hardware Components on the SRX550 Services Gateway 140 151...

Page 168: ...Parts for Packing the SRX550 Services Gateway 156 Packing the SRX550 Services Gateway for Shipment 157 Packing SRX550 Services Gateway Components for Shipment 158 Contacting Customer Support Once you...

Page 169: ...s for repair or replacement 1 Determine the part number and serial number of the services gateway or component 2 Obtain a Return Materials Authorization RMA number from JTAC NOTE Do not return the ser...

Page 170: ...e SRX550 Services Gateway 153 Listing the SRX550 Services Gateway Component Serial Numbers with the CLI 155 Information You Might Need to Supply to JTAC 156 Contacting Customer Support 152 Locating th...

Page 171: ...erface CLI command user host show chassis hardware Hardware inventory Item Version Part number Serial number Description Chassis AL1011AA0001 SRX550 Midplane REV 02 750 035027 AADB5078 Routing Engine...

Page 172: ...n name telephone number fax number and shipping address RELATED DOCUMENTATION Return Procedure for the SRX550 Services Gateway 153 Listing the SRX550 Services Gateway Component Serial Numbers with the...

Page 173: ...e ESD grounding strap to your bare wrist and connect the strap to the ESD point on the chassis or to an outside ESD point if the device is disconnected from earth ground For more information about ESD...

Page 174: ...50 Services Gateway 153 Packing SRX550 Services Gateway Components for Shipment 158 Required Tools and Parts for Packing the SRX550 Services Gateway 156 Packing SRX550 Services Gateway Components for...

Page 175: ...RELATED DOCUMENTATION Return Procedure for the SRX550 Services Gateway 153 Packing the SRX550 Services Gateway for Shipment 157 Required Tools and Parts for Packing the SRX550 Services Gateway 156 159...

Page 176: ...s 161 Fire Safety Requirements 171 Laser and LED Safety Guidelines and Warnings 173 Maintenance and Operational Safety Guidelines and Warnings 178 Electrical Safety Guidelines and Warnings 186 Agency...

Page 177: ...ats NOTE You might find this information helpful in a particular situation or you might overlook this important information if it was not highlighted in a Note CAUTION You need to observe the specifie...

Page 178: ...162...

Page 179: ...ie befinden sich in einer Situation die zu einer K rperverletzung f hren k nnte Bevor Sie mit der Arbeit an irgendeinem Ger t beginnen seien Sie sich der mit elektrischen Stromkreisen verbundenen Gefa...

Page 180: ...u are working under any conditions that could be hazardous to your eyes Do not perform any actions that create a potential hazard to people or make the equipment unsafe Never attempt to lift an object...

Page 181: ...unit handles SFB card handles and fan tray handles might become hot The following label provides the warning of the hot surfaces on the chassis Always ensure that all modules power supplies and cover...

Page 182: ...Restricted Access Warning 166...

Page 183: ...al un m canisme de verrouillage et une cl ou tout autre moyen de s curit L acc s aux zones de s curit est sous le contr le de l autorit responsable de l emplacement Warnung Diese Einheit ist zur Insta...

Page 184: ...nstallatie en reparaties mogen uitsluitend door getraind en bevoegd personeel uitgevoerd worden Varoitus Ainoastaan koulutettu ja p tev henkil kunta saa asentaa tai vaihtaa t m n laitteen Avertissemen...

Page 185: ...nserting the component into the device WARNING For safety periodically check the resistance value of the ESD grounding strap The measurement must be in the range 1 through 10 Mohms Avertissement Par m...

Page 186: ...Category 5e and Category 6 can get electrostatically charged To dissipate this charge always ground the cables to a suitable and safe earth ground before connecting them to the system Attention Les c...

Page 187: ...install and operate your equipment Fire Suppression In the event of an electrical hazard or an electrical fire you should first turn power off to the equipment at the source Then use a Type C fire ext...

Page 188: ...mature failure and unreliable operation The equipment is considered to be irreparably damaged NOTE To keep warranties effective do not use a dry chemical fire extinguisher to control a fire at or near...

Page 189: ...re equipped with laser transmitters which are considered a Class 1 Laser Product by the U S Food and Drug Administration and are evaluated as a Class 1 Laser Product per EN 60825 1 requirements Observ...

Page 190: ...il humain faisant converger toute la puissance du laser sur la r tine toute focalisation directe de l il sur une source laser m me de faible puissance peut entra ner des l sions oculaires irr versible...

Page 191: ...Luokan 1 valodiodituote Avertissement Alarme de produit LED Class I Warnung Class 1 LED Produktwarnung Avvertenza Avvertenza prodotto LED di Classe 1 Advarsel LED produkt i klasse 1 Aviso Produto de c...

Page 192: ...nstruments optiques Warnung Nicht direkt in den Strahl blicken und ihn nicht direkt mit optischen Ger ten pr fen Avvertenza Non fissare il raggio con gli occhi n usare strumenti ottici per osservarlo...

Page 193: ...t Vermeiden Sie es sich den Strahlungen auszusetzen und starren Sie nicht in die ffnungen Avvertenza Quando i cavi in fibra non sono inseriti radiazioni invisibili possono essere emesse attraverso l a...

Page 194: ...ings 178 Maintenance and Operational Safety Guidelines and Warnings IN THIS SECTION Battery Handling Warning 179 Jewelry Removal Warning 180 Lightning Activity Warning 182 Operating Temperature Warnin...

Page 195: ...leichen oder vom Hersteller empfohlenen Batterietyp Entsorgen Sie die benutzten Batterien nach den Anweisungen des Herstellers Advarsel Det kan v re fare for eksplosjon hvis batteriet skiftes p feil m...

Page 196: ...Jewelry Removal Warning 180...

Page 197: ...or der Arbeit an Ger ten die an das Netz angeschlossen sind jeglichen Schmuck einschlie lich Ringe Ketten und Uhren abnehmen Metallgegenst nde erhitzen sich wenn sie an das Netz und die Erde angeschlo...

Page 198: ...te sluiten of te ontkoppelen Varoitus l ty skentele j rjestelm n parissa l k yhdist tai irrota kaapeleita ukkosilmalla Avertissement Ne pas travailler sur le syst me ni brancher ou d brancher les c bl...

Page 199: ...Operating Temperature Warning 183...

Page 200: ...in einer Gegend betrieben werden in der die Umgebungstemperatur das empfohlene Maximum von 40 C berschreitet Um L ftungsverschlu zu verhindern achten Sie darauf da mindestens 15 2 cm lichter Raum um d...

Page 201: ...ia lakeja ja s nn ksi noudattaen Avertissement La mise au rebut d finitive de ce produit doit tre effectu e conform ment toutes les lois et r glementations en vigueur Warnung Dieses Produkt mu den gel...

Page 202: ...the device 3 If possible send another person to get medical aid Otherwise assess the condition of the victim then call for help General Electrical Safety Guidelines and Warnings Install the services g...

Page 203: ...Safety Guidelines AC Power Electrical Safety Guidelines The following electrical safety guidelines apply to AC powered devices Note the following warnings printed on the device CAUTION THIS UNIT HAS M...

Page 204: ...rds one for each power supply Power Cable Warning Japanese WARNING The attached power cable is only for this product Do not use the cable for another product DC Power Electrical Safety Guidelines and...

Page 205: ...A A DC powered services gateway that is equipped with a DC terminal block is intended only for installation in a restricted access location In the United States a restricted access area is one in acco...

Page 206: ...190...

Page 207: ...ur en tre s r localiser le disjoncteur situ sur le panneau de service du circuit en courant continu placer le disjoncteur en position ferm e OFF et l aide d un ruban adh sif bloquer la poign e du disj...

Page 208: ...y sujetar con cinta la palanca del interruptor autom tico en posici n de Apagado OFF Varning Innan du utf r n gon av f ljande procedurer m ste du kontrollera att str mf rs rjningen till likstr mskrets...

Page 209: ...connect e en dernier Warnung Der Erdanschlu mu bei der Installation der Einheit immer zuerst hergestellt und zuletzt abgetrennt werden Avvertenza In fase di installazione dell unit eseguire sempre per...

Page 210: ...194...

Page 211: ...ue le fil de masse devrait toujours tre reli d abord et d branch pour la derni re fois Warnung Die Stromzufuhr ist nur mit geeigneten Ring sen an das DC Netzteil anzuschliessen Die richtige Anschlusss...

Page 212: ...da da fia o mo da para moer RTN a RTN ent o 48 V a 48 V Ao desconectar a pot ncia a seq ncia apropriada da fia o 48 V a 48 V RTN a RTN moeu ent o para moer Anote que o fio terra deve sempre ser conect...

Page 213: ...197...

Page 214: ...ssene Verdrahtungsanschl sse z B Ringoesen oder gabelf rmige Kabelschuhe mit nach oben gerichteten Enden zu verwenden Diese Abschl sse sollten die angemessene Gr e f r die Dr hte haben und sowohl die...

Page 215: ...till ledningarna och m ste kunna h lla b de isoleringen och ledaren fastkl mda RELATED DOCUMENTATION SRX550 Services Gateway General Safety Guidelines and Warnings General Electrical Safety Guideline...

Page 216: ...es with the following standards Safety CSA 60950 1 2003 Safety of Information Technology Equipment UL 60950 1 2003 Safety of Information Technology Equipment EN 60950 1 2001 Safety of Information Tech...

Page 217: ...ances EN 61000 4 11 2004 Voltage Dips and Sags RELATED DOCUMENTATION SRX550 Services Gateway General Safety Guidelines and Warnings SRX550 Services Gateway Acoustic Noise Compliance Statements 201 SRX...

Page 218: ...appareil num rique de la classe A est conforme la norme NMB 003 du Canada European Community This is a Class A product In a domestic environment this product might cause radio interference in which c...

Page 219: ...ual might cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correc...

Page 220: ...attery Batteries in this product are not based on mercury lead or cadmium substances The batteries used in this product are in compliance with EU Directives 91 157 EEC 93 86 EEC and 98 101 EEC The pro...

Reviews:

No comments

Related manuals for SRX550

Vacon 20 Quick Manual preview
20
Brand: Vacon Pages: 62
Samsung DMS2.5 Service Manual preview
DMS2.5
Brand: Samsung Pages: 32
2VV AirGENIO SUPERIOR Manual preview
AirGENIO SUPERIOR
Brand: 2VV Pages: 27
ZIMO MX10 Instruction Manual preview
MX10
Brand: ZIMO Pages: 38
Samson 3430 Operating Instructions Manual preview
3430
Brand: Samson Pages: 52
Samson 3275 Mounting And Operating Instructions preview
3275
Brand: Samson Pages: 32
Danfoss Cascade Operating Instructions Manual preview
Cascade
Brand: Danfoss Pages: 59
Yamaha MusicCAST MCX-CA15 Install Manual preview
MusicCAST MCX-CA15
Brand: Yamaha Pages: 176
Full Gauge Controls MT-543Ri LOG Manual preview
MT-543Ri LOG
Brand: Full Gauge Controls Pages: 3
Festo CPX-AP-A-16DI-D-M12-5P Operating Instructions Manual preview
CPX-AP-A-16DI-D-M12-5P
Brand: Festo Pages: 16
Technische Alternative UVR 63H Operation And Installation Manual preview
UVR 63H
Brand: Technische Alternative Pages: 68
Finnleo SaunaLogic SL2 Control Manual preview
SaunaLogic SL2 Control
Brand: Finnleo Pages: 14
WAGO 767-4803/000-800 Manual preview
767-4803/000-800
Brand: WAGO Pages: 80
S&C IntelliCap Installation Manual preview
IntelliCap
Brand: S&C Pages: 24
GSD DCT2RM2501 Quick Start Manual preview
DCT2RM2501
Brand: GSD Pages: 5
Grundfos IO 401 Installation And Operating Instructions Manual preview
IO 401
Brand: Grundfos Pages: 20
Vent-Axia SAC 5 Installation And Wiring Instructions preview
SAC 5
Brand: Vent-Axia Pages: 4
Pegasus Astro Dual Motor Focus Controller Manual preview
Dual Motor Focus Controller
Brand: Pegasus Astro Pages: 16

Brands by name

Popular brands

Load more brands