Juniper 200 Series Скачать руководство пользователя | Manualshive

Страница: 1 / 40

background image

N

ET

S

CREEN

-200 S

ERIES

User’s Guide

Version 5.0

P/N 093-1253-000

Rev. C

1
2
3
...
»

Содержание 200 Series

Страница 1: ...NETSCREEN 200 SERIES User s Guide Version 5 0 P N 093 1253 000 Rev C ...

Страница 2: ...ications Operation of this equipment in a residential area is likely to cause harmful interference in which case users will be required to correct the interference at their own expense The following information is for FCC compliance of Class B devices The equipment described in this manual generates and may radiate radio frequency energy If it is not installed in accordance with NetScreen s instal...

Страница 3: ...hapter 2 Installing the Device 9 General Installation Guidelines 10 Performing Equipment Rack Installation 10 Equipment Rack Installation Guidelines 10 Front Mount 11 Mid Mount 11 Connecting the Power 11 Wiring a DC Power Supply 12 Connecting the NetScreen 200 Device to Other Devices 13 Chapter 3 Configuring the Device 15 Operational Modes 16 Transparent Mode 16 Route Mode 16 The NetScreen 200 Ser...

Страница 4: ... Outbound Traffic 25 Configuring the Device for Telnet and WebUI Sessions 25 Starting a Console Session Using Telnet 25 Starting a Console Session Using Dialup 26 Establishing a GUI Management Session 26 Asset Recovery 28 Using CLI Commands to Reset the Device 28 Using the Asset Recovery Pinhole to Reset the Device 29 Appendix A Specifications A I NetScreen 200 Attributes A II Electrical Specifica...

Страница 5: ...e T interface ports and performs firewall functions at 550 Mbps All NetScreen 200 Series 10 100 Base T ports perform auto speed sensing and auto polarity correction GUIDE ORGANIZATION This manual has three chapters and one appendix Chapter 1 Overview provides a detailed overview of the system and its components Chapter 2 Installing the Device describes how to rack mount the NetScreen 200 systems a...

Страница 6: ... the get system command to display the serial number of a NetScreen device JUNIPER NETWORKS NETSCREEN PUBLICATIONS To obtain technical documentation for any Juniper Networks NetScreen product visit www juniper net techpubs For technical support open a support case using the Case Manager link at http www juniper net support or call 1 888 314 JTAC within the United States or 1 408 745 9500 outside t...

Страница 7: ...ge 3 Asset Recovery Pinhole on page 4 Console and Modem Ports on page 5 Compact Flash Card Slot on page 5 Ethernet Interfaces on page 6 The Rear Panel on page 6 Power Supplies on page 6 Power Fuse on page 7 Note For safety warnings and instructions please refer to the NetScreen Safety Guide The instructions in this guide warn you about situations that could cause bodily injury Before working on an...

Страница 8: ...ase T interface ports The figure below shows a NetScreen 204 device NetScreen 208 Device The NetScreen 208 is a chassis based rack mountable network security device with eight ethernet 10 100 Base T interface ports The figure below shows a NetScreen 208 device System Status LEDs Asset Recovery Pinhole Console Port Modem Port Compact Flash Card Slot Ethernet Interfaces System Status LEDs Asset Reco...

Страница 9: ...ntains six LEDs The information revealed by each LED is as follows LED Name Purpose Color Meaning Power Power Supply green Power supply is functioning correctly off The device is not receiving power Status System Status amber At initial power up green At startup and while performing diagnostics blinking green Normal operation blinking red Error detected HA High Availability Status green Unit is th...

Страница 10: ... Low memory less than 10 remaining High CPU utilization more than 90 in use Session full Maximum number of VPN tunnels reached HA redundant group member not found off No alarms Status Session Utilization amber Session utilization is between 70 and 90 red Session utilization is greater than 90 off Normal operation Flash Memory Card Status green The card is installed blinking green Read write activi...

Страница 11: ... connection definitions To employ a standard UART port both the console and the modem ports use this configuration Compact Flash Card Slot The NetScreen 200 Series supports CompactFlash cards with a variety of memory capacities NetScreen has tested SanDisk 96MB and 512MB cards The NetScreen device automatically detects the presence of a flash card and records the system log to it DB9 Signal Abbrev...

Страница 12: ...device can have an AC power supply or a DC power supply The DC power supply can operate on one or two DC feeds ranging from 36V to 60V When you use two feeds they share the load If one feed fails the other automatically assumes the full load The internal fuse for the DC power supply is a 3 15A 250V fast acting fuse This is not replaceable Note Certain export restrictions may apply to international...

Страница 13: ...Series device 1 Take the device off line by turning the power switch OFF and disconnecting the power cable 2 Using a screwdriver separate the lid of the external fuse cover from the surface of the power outlet 3 Gently remove the fuse assembly 4 Slide the new fuse into the opening until the fuse clicks into place 5 Replace the power cable then turn the device power switch ON ...

Страница 14: ...Chapter 1 Overview 8 User s Guide ...

Страница 15: ...llation Guidelines on page 10 Front Mount on page 11 Mid Mount on page 11 Connecting the Power on page 11 Wiring a DC Power Supply on page 12 Connecting the NetScreen 200 Device to Other Devices on page 13 Note For safety warnings and instructions please refer to the NetScreen Safety Guide The instructions in this guide warn you about situations that could cause bodily injury Before working on any...

Страница 16: ...ck or wiring room are crucial for proper system operation Use the following guidelines while configuring your equipment rack Enclosed racks must have adequate ventilation An enclosed rack should have louvered sides and a fan to provide cooling air When mounting a chassis in an open rack ensure that the rack frame does not block the intake or exhaust ports If you install the chassis on slides check...

Страница 17: ...ssis 2 Screw the front mount bracket to the rack as shown below Mid Mount To mid mount the NetScreen 200 Series device on your equipment rack 1 Screw the mid mount bracket to the side of the chassis 2 Screw the mid mount bracket to the rack as shown below CONNECTING THE POWER To connect the power supply to the NetScreen 200 Series device 1 Plug the female end of a power cable into the male power r...

Страница 18: ...NetScreen 200 Series devices can operate on one or two feeds To connect DC power feeds to the terminal blocks 1 Strip the ends of the power cables 2 Loosen the three screws in the top of the block These are captive screws which you cannot completely remove 3 Insert the 48V DC power feed wires into the two outside receptacles of the terminal block 4 Insert the 0V DC feed wires into the center recep...

Страница 19: ...lows ethernet1 is bound to the Trust security zone by default Connect this interface using a twisted pair cable with RJ 45 connectors ethernet2 is bound to the DMZ security zone by default Connect this interface using a twisted pair cable with RJ 45 connectors ethernet3 is bound to the Untrust security zone by default Connect this interface using a twisted pair cable with RJ 45 connectors ethernet...

Страница 20: ...Chapter 2 Installing the Device 14 User s Guide ...

Страница 21: ... WebUI Sessions on page 25 Starting a Console Session Using Telnet on page 25 Starting a Console Session Using Dialup on page 26 Establishing a GUI Management Session on page 26 Asset Recovery on page 28 Note You must register your product at www juniper net support so that certain ScreenOS services such as the Deep Inspection Signature Service can be activated on the device After registering your...

Страница 22: ...gement according to configured security policies Route Mode In Route mode the NetScreen 200 device operates at Layer 3 Because you can configure each interface using an IP address and subnet mask you can configure individual interfaces to perform NAT When the interface performs NAT services the device translates the source IP address of each outgoing packet into the IP address of the untrusted por...

Страница 23: ...ce using a twisted pair cable with RJ 45 connectors ethernet2 Bound to the DMZ security zone by default Connect this interface using a twisted pair cable with RJ 45 connectors ethernet3 Bound to the Untrust security zone by default Connect this interface using a twisted pair cable with RJ 45 connectors ethernet4 On NetScreen 204 bound to HA zone by default On NetScreen 208 bound to the Null zone b...

Страница 24: ... single security gateway that protects at least one LAN usually connected to the device from a switch or a hub Connectivity Examples In the following example a NetScreen 208 device connects to the protected LAN through ethernet1 bound to the Trust security zone The device connects externally to a router through ethernet3 bound to the Untrust security zone Router Internet ethernet3 Untrust Zone eth...

Страница 25: ...00 Series network connections 1 Place the NetScreen 200 Series device in a rack or on a desktop 2 Confirm that the power connection to the device is turned OFF 0 pressed in 3 Connect the provided power cable from the power outlet to the power supply 4 Connect the device to the network see examples above 5 Turn the NetScreen 200 device power switch ON then turn the other network device power switch...

Страница 26: ...ch other Should one device fail the other takes over the traffic processing The following diagram shows a typical HA setup for NetScreen 208 devices Note For the NetScreen 204 the default HA interface is ethernet4 For the NetScreen 208 the default HA interface is ethernet8 Each is bound to the HA security zone Router Router Layer 3 Switch 2 Layer 3 Switch 1 To ethernet3 To ethernet3 To ethernet2 T...

Страница 27: ...Device 1 connect a 10 100 Base T cable from ethernet2 to the switch labeled DMZ 7 On Device 1 connect a 10 100 Base T cable from ethernet3 to the switch labeled Layer 3 switch 1 Device 2 8 On Device 2 connect a 10 100 Base T cable from ethernet1 to the switch labeled Switch 4 9 On Device 2 connect a 10 100 Base T cable from ethernet2 to the switch labeled DMZ 10 On Device 2 connect a 10 100 Base T...

Страница 28: ... cable into the serial port of your computer Be sure that the DB 9 is seated properly by screwing in the thumbscrews 2 Plug the RJ 45 end of the cable into the Console port of the NetScreen 200 Series device Be sure that the RJ 45 clip snaps into the port and is seated properly 3 Launch a Command Line Interface CLI session between your computer and the NetScreen 200 device using a standard serial ...

Страница 29: ...to change your admin name and password immediately Enter the following commands set admin name name_str set admin password pswd_str save For information on creating different levels of administrators see Administration in the NetScreen Concepts Examples ScreenOS Reference Guide Setting Port and Interface IP Addresses Through the CLI you can execute commands that set IP address and subnet mask valu...

Страница 30: ... interface by executing the following command set interface ethernet1 manage 4 Optional To confirm the new interface settings execute the following command get interface ethernet1 Setting the IP Address for the Untrust Zone Interface The NetScreen 200 Series device usually communicates with external devices through an interface bound to the Untrust zone such as ethernet3 To allow an interface to c...

Страница 31: ...Screen 200 Series device In addition you can start management sessions using the NetScreen WebUI a web based GUI management application Starting a Console Session Using Telnet To establish a Telnet session with the NetScreen 200 Series device 1 Connect an RJ 45 cable from ethernet1 to the internal switch router or hub in your LAN see Connecting the Device as a Single Security Gateway on page 18 2 ...

Страница 32: ...n Establishing a GUI Management Session To access the NetScreen 200 Series device with the WebUI management application 1 Connect your computer or your LAN hub to the ethernet1 port using a Category 5 Ethernet cable 2 Launch your browser enter the IP address of the ethernet1 interface in the URL field and then press Enter For example if you assigned the ethernet1 interface an IP address of 10 100 ...

Страница 33: ...27 The NetScreen WebUI application window appears Note NetScreen Security Manager 2004 NSM and NetScreen Rapid Deployment RD If you are using NSM you can optionally configure NetScreen appliances with RD Refer to the Rapid Deployment Getting Started Guide for more information ...

Страница 34: ...e will be erased In addition a permanent counter will be incremented to signify that this device has been reset This is your last chance to cancel this command If you proceed the device will return to factory default configuration which is System IP 192 168 1 1 username netscreen password netscreen Would you like to continue y n 4 Press the y key to reset the device You can now login in using nets...

Страница 35: ...ks green The serial console message now reads Waiting for 2nd confirmation 2 Release the button for one second 3 Push the button again for four to six seconds A serial console message states Second push has been confirmed The Status LED lights amber for one half second then returns to the blinking green state Continue to press the button until the message Configuration Erase sequence accepted unit...

Страница 36: ...Chapter 3 Configuring the Device 30 User s Guide ...

Страница 37: ...is appendix provides general system specifications for the NetScreen 200 Series devices NetScreen 200 Attributes on page A II Electrical Specification on page A II Environmental on page A II Safety Certifications on page A II EMI Certifications on page A II ...

Страница 38: ...250Volts ENVIRONMENTAL The maximum normal altitude is 0 12 000 ft 0 3 660 m NEBS CERTIFICATIONS Level 3 NetScreen 208 with DC power GR 63 Core NEBS Environmental Testing GR 1089 Core EMC and Electrical Safety for Network Telecommunications Equipment SAFETY CERTIFICATIONS UL CUL CSA CB Austel CE EMI CERTIFICATIONS FCC class A BSMI CE class A C Tick VCCI class A Temperature Operating Non operating N...

Страница 39: ...y wiring 12 dialup connection 26 G guide organization v H high availability establishing an HA connection 20 I installation guidelines 10 IP address conflicts 19 L LEDs 6 link lights 6 19 logging on 26 login changing 23 M management port setting an IP address 23 management session 26 mounting rear and front rack installation 11 multiple devices 19 N NetScreen Publications vi NetScreen 204 208 abou...

Страница 40: ...Index IX II User s Guide S session establishing 22 using a dialup connection 26 T transparent mode 16 V ventilation 10 viewing port settings 23 ...

Отзывы:

Нет отзывов

Похожие инструкции для 200 Series

BNI IOL-314-S52-P012

Бренд: Balluff Страницы: 22

BNI IOL-727-S51-P012

Бренд: Balluff Страницы: 20

Бренд: IBM Страницы: 156

Бренд: Kramer Страницы: 28

Бренд: Alyseum Страницы: 7

Бренд: N-Tron Страницы: 20

S5130S-EI series

Бренд: H3C Страницы: 67

Бренд: Zamel Страницы: 4

Бренд: e+p Страницы: 2

Бренд: Cabletron Systems Страницы: 170

Бренд: Omron Страницы: 10

Бренд: EtherWAN Страницы: 2

Бренд: EtherWAN Страницы: 2

Antenna-Disconnect-Switch

Бренд: ADS Страницы: 12

Бренд: EtherWAN Страницы: 239

EXT-HDMI-CAT5-844

Бренд: Gefen Страницы: 28

Бренд: CoolGear Страницы: 8

Бренд: VigilLink Страницы: 9

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды