Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  SSG 140 basic setup (gateway IP)

    Posted 08-22-2011 14:20

    Hello,

     

    I'm completly new to juniper firewalls and reading a lot of materials but it's no so clear....

    This is what I need to do:

     

    1. Connect trusted zone interface to my LAN (thats easy)

     

    2. Connect untrasted zone Interface to my external CISCO router. I don't see where I could specify getway IP for for   untrasted interface...Do I have to set up a route?

     

    Thanks,

    Robert

     



  • 2.  RE: SSG 140 basic setup (gateway IP)
    Best Answer

    Posted 08-22-2011 14:55

    Hi Robert,

     

    I assume you're using a static IP interface configuration on your untrust interface.  In that case, yes, you'll need to set up a static default route to point to your upstream router.  Or, you can use a dynamic routing protocol such as OSPF if you like.

     

    The basic syntax is:

     

    set route 0.0.0.0/0 gateway 5.5.5.5

     

    Replace 5.5.5.5 with the IP address of the router interface that your SSG's untrust interface connects to.

     

    You could also optionally set up your untrusted interface to get its IP configuration (and its default route) via DHCP, if your upstream router provides that service.

     

    Remember, the SSG is a firewall, but it works like a router in many ways.



  • 3.  RE: SSG 140 basic setup (gateway IP)

    Posted 08-22-2011 15:14

    Great, thanks. I'm using static IP's. I'll test it tomorrow and most likly come back with more questions:)