ScreenOS Firewalls (NOT SRX)
Reply
Contributor
Redwan
Posts: 10
Registered: ‎06-03-2008
0

SSG5-isdn setup procedure

Hello everybody,

 

Im seeking for an urgent help from you experts regarding step by step procedure to configure SSG5-isdn firewall.  Though I have some experience on Linux based firewall but Im new to hardware firewall stuffs. However, My network would be consist of two segments. Segment 1 would be consist of 4 webservers with database server support and all the server would be configured by separate global IP. Segment 2 would be our LAN and would like to access the internet through that firewall.

 

So guys kindly help me out regarding this matter as soon as possible.

 

Regards,

 

Redwan

Contributor
keith
Posts: 42
Registered: ‎01-24-2008
0

Re: SSG5-isdn setup procedure

Hi,

 

Will you only be using the ISDN connection for remote access, or another form of connection as well, (eg ADSL with ISDN failover)?  I can tell you now, that when I set this up, it wasn't easy.

 

Cheers,

 

Keith 

Recognized Expert
PentinProcessor
Posts: 258
Registered: ‎11-06-2007
0

Re: SSG5-isdn setup procedure

[ Edited ]

Here's a few documents to start:

 

SSG5 Getting Started
SSG5 Hardware Installation and Configuration Guide

 

Concepts & Examples Guide - Vol 1 - Overview
Concepts & Examples Guide - Vol 2 - Fundamentals

For all the ScreenOS Guides refer to Concepts & Examples Guides, and also there's the Knowledgebase.


 

Let us know how it goes.

--Josine

Message Edited by PentinProcessor on 06-04-2008 07:57 AM
Contributor
Redwan
Posts: 10
Registered: ‎06-03-2008
0

Re: SSG5-isdn setup procedure

hey keith,

 

Thanks for your reply. We are going to use 100Mbps shared internet connection(optical fiber connection) with 16 global IP which has been provided by our ISP. So far I stuied that eth 0/0 is for untrust zone (Im not sure whether it mean WAN zone), eth 0/1 is for DMZ zone and rest of the port for the bg group. the things that I didnt understand are,

 

1. Which port should I use for WAN connection of the firewall, I mean the line which come from my ISP, in which port I should put on the firewall?

2. configuration steps which I mentioned earlier.

 

Would you please help me out?

 

Best regards,

 

Redwan   

Contributor
Redwan
Posts: 10
Registered: ‎06-03-2008
0

Re: SSG5-isdn setup procedure

PentinProcessor

 

Thanks a lot for your mail and really appreciate your recommendations. 

but things is Im bit in hurry situation... so I need some sort of solution as soon as possible. in a short Im seeking an urgent help regarding this matter.

 

regards

 

Redwan

Contributor
keith
Posts: 42
Registered: ‎01-24-2008
0

Re: SSG5-isdn setup procedure

Redwan,

 

Hi, yes, ok ethernet0/0 is the Untrust or WAN interface.  When I configured our SSG 5-ISDN, I used PPPoE on this interface.  You will want to use ethernet0/1 for your DMZ.  You should be able to use any of your other interfaces for your Trust interface, ie internal LAN.

 

For your web servers, I am assuming you'll need them to have fixed public IPs, so would suggest using MIPs.  This can be done through ethernet0/0 edit > MIP.  The Mapped IP will be the public address & the Host obviously your web server.

 

Hopefully that will give you a good start on this.  Do you not have Juniper support for the issue?  They should be able to quickly walk you through setting everything else up.

 

Regards,

 

Keith 

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.