Table of Contents
Advertisement
ISG 2000 User's Guide
DNS and Default Route
NOTE:
12
DNS and Default Route
To use the MGT interface, connect an ethernet cable from the MGT interface to a
switch or router that leads to an exclusive segment of the network containing only
the ISG 2000 administrators' workstations. Then give the MGT interface an address
that is reachable from that network segment.
The default IP address/netmask for the MGT interface is 192.168.1.1 /24. Because
this address has been widely published, Juniper Networks strongly recommends
that you change it.
In our example, you assign the MGT interface the IP address 1.2.2.1/28. Use the
following command:
set interface mgt ip 1.2.2.1/28
The network security administrators in our example are going to access the ISG
2000 from workstations in the MGT zone. You want them to be able to use Telnet,
SSH, and HTTP only. You also want them to be able to ping the MGT interface.
By default, all options except ident-reset are enabled on the MGT interface.
Therefore, use the following commands to disable the management options that
you do not want the administrators to use:
unset interface mgt manage snmp
unset interface mgt manage ssl
save
Enter the get interface mgt command to review the MGT interface settings.
When you enter the DNS server IP addresses that you receive from your ISP, the
NetScreen device can resolve domain names that you use in your configuration,
such as addresses in policies or IKE gateways. To enter addresses for the two DNS
servers in our example, use the following commands:
set dns host dns1 2.2.2.5
set dns host dns1 2.2.2.6
save
When the ISG 2000 receives a static IP address, the ISP also provides the IP address
of the default gateway to which the ISG 2000 sends traffic destined for addresses for
which there are no specific routes. It is important that the ISG 2000 has a default
route pointing to this gateway. To enter the address of the default gateway in our
example, use the following command:
set vrouter trust-vr route 0.0.0.0/0 interface ethernet1/1 gateway 1.1.1.2
save
The ISG 2000 supports a large number of routing environments. For information
about configuring routing on the device, refer to the Routing volume in the
NetScreen Concepts & Examples ScreenOS Reference Guide.
Advertisement
Table of Contents
Related Manuals for Juniper ISG 2000
Related Products for Juniper ISG 2000
- Juniper IDP 8200
- Juniper IDP 250
- Juniper IDP 800
- Juniper IGP - CONFIGURATION GUIDE V11.1.X
- Juniper IP - CONFIGURATION GUIDE V11.1.X
- Juniper IPV6 - CONFIGURATION GUIDE V11.1.X
- Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - IP-IPV6-IGP CONFIGURATION GUIDE 2010-10-31
- Juniper NETWORK AND SECURITY MANAGER NSMXPRESS SERIES II - REV1