Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  MGT interface query - ISG2000

    Posted 06-16-2009 07:39

    hi, can anybody advise if its actually possible to apply a MIP to the MGT interface on an ISG2000. ?

     

    We have services within the vlan connected to the MGT interface that I would like to access but could only do it (VPN tunnel excepted) using a MIP

     

    cheers



  • 2.  RE: MGT interface query - ISG2000
    Best Answer

    Posted 06-16-2009 09:22

    MGT interface  belongs to MGT zone. MGT zone is a functional zone so MGT interace cannot have MIPs.

     

    Before ScreenOS 6.2, MGT zone is hard-coded to MGT interface.

     

    From ScreenOS 6.2, you can assign a security zone to MGT interface and therefore use MIPs

     

    nsisg2000-> set int mgt zone untrust

    nsisg2000-> set interface mgt ip 172.19.47.61/23

    nsisg2000-> set interface mgt mip 172.19.50.120 host 1.1.1.1

     



  • 3.  RE: MGT interface query - ISG2000

    Posted 06-17-2009 02:52
    Hi Cesar - thanks for that, much appreciated, looks like a 6.2 upgrade in the offing then.  good news  cheers