Table of Contents
Advertisement
ISG 2000 User's Guide
Basic Configuration
Figure 5: Basic Firewall and VPN Configuration
The NetScreen-ISG 2000 permits
selected traffic between zones.
Default GW: 1.1.1.2
DNS #1: 2.2.2.5
DNS #2: 2.2.2.6
MGT Zone
10.2.2.0/28
4
Basic Configuration
The following sections contain the CLI commands for setting up the ISG 2000 as a
firewall and VPN termination point for the network shown in Figure 5. By entering
these commands, you can perform a basic configuration of the ISG 2000 so that it
can perform firewall and VPN functions.
Untrust Zone
Internet
ISP
ISP
ethernet1/1
1.1.1.1/30
Policies
PWR
ALARM
TEMP
STA TUS
HA
ISG 2000
FAN
MOD1
MOD2
MOD3
FLASH
MGT
ethernet2/1
10.2.2.1/28
10.1.1.1/24
NAT mode
LAN
10.1.1.0/24
Trust Zone
A route-based VPN tunnel provides
secure bidirectional traffic between
the NetScreen-ISG 2000 and a remote peer.
LAN
10.2.2.0/24
Remote Peer
1
2
3
4
UNTRUSTED
POWER
STA TUS
LINK/ACTIVIT
Y
®
10/100
VPN
Tunnel
ethernet1/2
HTTP Server
1.2.2.1/29
www.jnpr.net
1.2.2.2:80
Note: The rook icon represents
a security zone interface.
DMZ
LAN
1.2.2.0/29
Mail Relay Server
smtp.jnpr.net
1.2.2.3:25
Advertisement
Table of Contents
