Configuring A Backup Untrust Zone Interface - Juniper NetScreen-5GT Wireless User Manual
Hide thumbs
Also See for NetScreen-5GT Wireless:
- Getting started manual (5 pages) ,
- User manual (24 pages) ,
- Getting started manual (4 pages)
Table of Contents
Advertisement
Chapter 2 Configuring the Device
Configuring a Backup Untrust Zone Interface
By default, on NetScreen-5GT Wireless ADSL device, the adsl1 interface is the primary
connection to an outside network. Each port mode available on the NetScreen-5GT
Wireless ADSL device allows you the option of connecting either the Untrusted Ethernet
port or the Modem port as a backup connection to the outside network (see
Port Mode" on page
configure the interface appropriately.
Note: You can configure only one backup interface, using either the Untrusted Ethernet
port or Modem port connection. If you use the Untrusted port for the backup connection,
then configure the Untrust interface in Trust-Untrust port mode or the ethernet3 interface
for other port modes. If you use the Modem port for the backup connection, then configure
the serial interface for all port modes.
For example, to bind the Untrust interface to the Untrust zone:
WebUI
Network > Interfaces > Edit (for the untrust interface): Select Untrust from the
Zone Name drop-down list, and then click OK.
CLI
set interface untrust zone untrust
save
You also need to set a static IP address for the Untrust interface, or specify whether the
IP address for the interface is obtained via either DHCP or PPPoE. See the "Interfaces"
chapter in the "Fundamentals" volume of the NetScreen Concepts & Examples ScreenOS
Reference Guide for ScreenOS 5.0.0 for more information about configuring interface
parameters.
When the adsl1 interface and either the Ethernet interface (named untrust or ethernet3,
depending upon the port mode) or the serial interface is bound to the Untrust zone,
interface failover is automatically configured. That is, if the adsl1 interface becomes
unavailable, the NetScreen device automatically sends traffic to the backup interface. The
device automatically sends traffic to the adsl1 interface when the adsl1 interface is again
available.
Note: Only the adsl1 interface is affected by failover. That is, if you have also configured
ADSL subinterfaces, the subinterfaces do not fail over to the backup interface.
You can also manually force failover and failback on the adsl1 interface. For more
information, see the "Interface Redundancy" chapter in the "High Availability" volume of
the NetScreen Concepts & Examples ScreenOS Reference Guide for ScreenOS 5.0.0.
28
26). You must bind the backup interface to the Untrust zone and
"Changing the
User's Guide
Hide quick links:
Advertisement
Table of Contents
