Restricting Management; Configuring Additional Policies; Operational Mode - Juniper NetScreen-5GT Wireless User Manual
Hide thumbs
Also See for NetScreen-5GT Wireless:
- Getting started manual (5 pages) ,
- User manual (24 pages) ,
- Getting started manual (4 pages)
Table of Contents
Advertisement
Restricting Management
By default, anyone in your network can manage the NetScreen device if they know the
login and password. You can configure the NetScreen device to be managed only from one
or more specific hosts on your network. (And you can choose which services — for
example, WebUI, Telnet, ping — you want enabled on the NetScreen device.) Refer to the
"Administration" chapter in the "Administration" volume of the NetScreen Concepts &
Examples ScreenOS Reference Guide for ScreenOS 5.0.0.
Configuring Additional Policies
The NetScreen-5GT Wireless devices are configured with a default policy that permits
workstations in the Trust zone of your network to access any kind of service with outside
computers, while outside computers are not allowed to access or start sessions with your
workstations. You can configure policies that direct the NetScreen device to permit
outside computers to start specific kinds of sessions with your computers. To create or
modify policies, refer to the "Policies" chapter in the "Fundamentals" volume of the
NetScreen Concepts & Examples ScreenOS Reference Guide for ScreenOS 5.0.0.
Operational Mode
The operational mode is the way an interface on a NetScreen device processes traffic
between zones. By default, the NetScreen-5GT Wireless devices operates in Route mode
with network address translation (NAT) enabled on the Trust interface. This means that
when devices in the Trust zone send traffic to the Internet, the NetScreen device replaces
the original source IP addresses with the IP address of the Untrust interface. While the
NetScreen device assigns "private" IP addresses to the devices in your network, these
addresses remain hidden to computers outside your network.
If all devices in your network have public IP addresses, then you can configure the
NetScreen device for Route mode without NAT enabled. In Route mode without NAT
enabled, the NetScreen device routes traffic by checking IP addresses. For more
information about configuring the device for Route mode without NAT enabled, refer to
the "Interface Modes" chapter in the "Fundamentals" volume of the NetScreen Concepts &
Examples ScreenOS Reference Guide for ScreenOS 5.0.0.
NetScreen-5GT Wireless
Optional Configuration
25
Hide quick links:
Advertisement
Table of Contents
