ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

SSG5-isdn setup procedure

06.03.08   |  
‎06-03-2008 11:42 PM

Hello everybody,

 

Im seeking for an urgent help from you experts regarding step by step procedure to configure SSG5-isdn firewall.  Though I have some experience on Linux based firewall but Im new to hardware firewall stuffs. However, My network would be consist of two segments. Segment 1 would be consist of 4 webservers with database server support and all the server would be configured by separate global IP. Segment 2 would be our LAN and would like to access the internet through that firewall.

 

So guys kindly help me out regarding this matter as soon as possible.

 

Regards,

 

Redwan

5 REPLIES
ScreenOS Firewalls (NOT SRX)

Re: SSG5-isdn setup procedure

06.04.08   |  
‎06-04-2008 07:27 AM

Hi,

 

Will you only be using the ISDN connection for remote access, or another form of connection as well, (eg ADSL with ISDN failover)?  I can tell you now, that when I set this up, it wasn't easy.

 

Cheers,

 

Keith 

Highlighted
ScreenOS Firewalls (NOT SRX)

Re: SSG5-isdn setup procedure

[ Edited ]
06.04.08   |  
‎06-04-2008 07:49 AM

Here's a few documents to start:

 

SSG5 Getting Started
SSG5 Hardware Installation and Configuration Guide

 

Concepts & Examples Guide - Vol 1 - Overview
Concepts & Examples Guide - Vol 2 - Fundamentals

For all the ScreenOS Guides refer to Concepts & Examples Guides, and also there's the Knowledgebase.


 

Let us know how it goes.

--Josine

Message Edited by PentinProcessor on 06-04-2008 07:57 AM
ScreenOS Firewalls (NOT SRX)

Re: SSG5-isdn setup procedure

06.04.08   |  
‎06-04-2008 07:07 PM

hey keith,

 

Thanks for your reply. We are going to use 100Mbps shared internet connection(optical fiber connection) with 16 global IP which has been provided by our ISP. So far I stuied that eth 0/0 is for untrust zone (Im not sure whether it mean WAN zone), eth 0/1 is for DMZ zone and rest of the port for the bg group. the things that I didnt understand are,

 

1. Which port should I use for WAN connection of the firewall, I mean the line which come from my ISP, in which port I should put on the firewall?

2. configuration steps which I mentioned earlier.

 

Would you please help me out?

 

Best regards,

 

Redwan   

ScreenOS Firewalls (NOT SRX)

Re: SSG5-isdn setup procedure

06.04.08   |  
‎06-04-2008 07:14 PM

PentinProcessor

 

Thanks a lot for your mail and really appreciate your recommendations. 

but things is Im bit in hurry situation... so I need some sort of solution as soon as possible. in a short Im seeking an urgent help regarding this matter.

 

regards

 

Redwan

ScreenOS Firewalls (NOT SRX)

Re: SSG5-isdn setup procedure

06.05.08   |  
‎06-05-2008 03:15 AM

Redwan,

 

Hi, yes, ok ethernet0/0 is the Untrust or WAN interface.  When I configured our SSG 5-ISDN, I used PPPoE on this interface.  You will want to use ethernet0/1 for your DMZ.  You should be able to use any of your other interfaces for your Trust interface, ie internal LAN.

 

For your web servers, I am assuming you'll need them to have fixed public IPs, so would suggest using MIPs.  This can be done through ethernet0/0 edit > MIP.  The Mapped IP will be the public address & the Host obviously your web server.

 

Hopefully that will give you a good start on this.  Do you not have Juniper support for the issue?  They should be able to quickly walk you through setting everything else up.

 

Regards,

 

Keith