Juniper SRX5600 Manual
  1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Server
  5. SRX5600
  6. Manual

Juniper SRX5600 Manual

Firewall
Hide thumbs Also See for SRX5600:
Table of Contents

Advertisement

Quick Links

Download this manual
SRX5600 Firewall
Published
RELEASE
2023-10-13

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SRX5600 and is the answer not in the manual?

Questions and answers

Related Manuals for Juniper SRX5600

Summary of Contents for Juniper SRX5600

  • Page 1 SRX5600 Firewall Published RELEASE 2023-10-13...

  • Page 2: Table Of Contents

    Step 1: Prepare the Site for SRX5600 Firewall Installation Rack-Mounting Requirements | 2 Tools Required to Unpack and Prepare the SRX5600 Firewall for Installation | 4 Step 2: Install the Mounting Hardware in a Four-Post Rack or Cabinet or an Open-Frame Rack...
  • Page 3 Commit the Configuration | 24 Safety Warnings SRX5600 Firewall Compliance Statements for EMC Requirements...

  • Page 4: About This Guide

    About This Guide This guide contains information that you need to install and configure the SRX5600 Firewall quickly. For complete installation instructions, see the SRX5600 Firewall Hardware Documentation at www.juniper.net/documentation/. WARNING: This guide contains a summary of safety warnings in "Safety Warnings"...

  • Page 5: Step 1: Prepare The Site For Srx5600 Firewall Installation

    Installation IN THIS SECTION Rack-Mounting Requirements | 2 Tools Required to Unpack and Prepare the SRX5600 Firewall for Installation | 4 Rack-Mounting Requirements • You can install the firewall in a four-post rack or cabinet or an open-frame rack. • The rack rails must be spaced widely enough to accommodate the firewall chassis's external dimensions: 14.0 in.
  • Page 6 Figure 1: Rack Clearance and Chassis Dimensions • The rack must be strong enough to support the weight of the fully configured firewall, up to 213 lb (97 kg). If you stack five fully configured firewalls in one rack, it must be capable of supporting about 1066 lb (485 kg).

  • Page 7: Tools Required To Unpack And Prepare The Srx5600 Firewall For Installation

    • When you are mounting the firewall in a partially filled rack, load the rack from the bottom to the top, with the heaviest component at the bottom of the rack. Tools Required to Unpack and Prepare the SRX5600 Firewall for Installation To unpack the firewall and prepare for installation, you need the following tools: •...
  • Page 8 2. On the back of each rack rail, partially insert a mounting screw into the lowest hole specified in Table 2 on page 3. Install the mounting shelf on the back of the rack rails. Rest the bottom slot of each flange on a mounting screw.
  • Page 9 Figure 2: Mounting Hardware for a Four-Post Rack or Cabinet...

  • Page 10: Step 3: Install The Firewall

    Figure 3: Mounting Hardware for an Open-Frame Rack Proceed to "Step 3: Install the Firewall" on page Step 3: Install the Firewall IN THIS SECTION Remove Components | 8 Install the Firewall Using a Lift | 10 Install the Firewall Without a Mechanical Lift | 11 Reinstall Components | 12 Because of the firewall’s size and weight, you must remove all components, as shown in Figure 4 on...

  • Page 11: Remove Components

    Remove Components Figure 4: Components to Remove from the Front of the Firewall...
  • Page 12 3. Immediately store each removed component in an electrostatic bag. 4. Do not stack removed components. Lay each one on a flat surface. NOTE: For complete instructions on removing firewall components, see “Install the Firewall SRX5600 Firewall Hardware Guide . Without a Mechanical Lift” in the...

  • Page 13: Install The Firewall Using A Lift

    1. Ensure that the rack is in its permanent location and is secured to the building. Ensure that the installation site allows adequate clearance for both airflow and maintenance. For details, see the SRX5600 Firewall Hardware Documentation at www.juniper.net/documentation/. 2. Load the firewall onto the lift, making sure that it rests securely on the lift platform (see...

  • Page 14: Install The Firewall Without A Mechanical Lift

    3. Using the lift, position the firewall in front of the rack or cabinet, centering it in front of the mounting shelf. 4. Lift the chassis approximately 0.75 in. above the surface of the mounting shelf, and position it as close as possible to the shelf.

  • Page 15: Reinstall Components

    Reinstall Components 1. Attach an electrostatic discharge (ESD) grounding strap to your bare wrist, and connect the strap to one of the ESD points on the chassis. For more information about ESD, see the SRX5600 Firewall Hardware Documentation at www.juniper.net/documentation/.

  • Page 16: Step 4: Connect The Grounding Cable

    5. Disconnect the ESD grounding strap from the site ESD grounding point, and connect it to one of the ESD points on the chassis. For more information about ESD, see the SRX5600 Firewall Hardware Documentation at www.juniper.net/documentation/.

  • Page 17: Step 5: Connect External Devices And Network Cables

    Figure 8: Connecting the Grounding Cable 8. Verify that the grounding cabling is correct, that the grounding cable does not touch or block access to firewall components, and that it does not drape where people could trip over it. Proceed to "Step 5: Connect External Devices and Network Cables"...

  • Page 18: Connect To A Network For Out-Of-Band Management

    1. Have ready a length of the type of cable used by the interface. For cable specifications, see the SRX5600 Firewall Hardware Documentation at www.juniper.net/documentation/. 2. If the cable connector port is covered by a rubber safety plug, remove the plug.
  • Page 19 CAUTION: Do not leave a fiber-optic transceiver uncovered except when you are inserting or removing cable. The safety cap keeps the port clean and prevents accidental exposure to laser light. 3. Insert the cable connector into the cable connector port on the faceplate as shown in Figure 9 on page Figure 9: Connect Network Cables...

  • Page 20: Step 6: Connect Power Cables

    ESD points on the chassis. For more information about ESD, see the SRX5600 Firewall Hardware Documentation at www.juniper.net/documentation/. 2. Locate the power cords you will use to connect the device to AC power. See the SRX5600 Firewall Hardware Documentation at www.juniper.net/documentation/...
  • Page 21 3. For each power supply: a. Move the power switch on the power supply faceplate to the OFF position (O). b. Insert the appliance coupler end of the power cord into the appliance inlet on the power supply (Figure 10 on page 18).

  • Page 22: Connect Power To A Dc-Powered Firewall

    Connect Power to a DC-Powered Firewall This procedure addresses connecting power to firewalls equipped with either standard-capacity or high- capacity DC power supplies. WARNING: To meet safety and electromagnetic interference (EMI) requirements and to ensure proper operation, you must properly ground the firewall chassis before connecting power.
  • Page 23 Figure 11: DC High-Capacity Power Supply Input Mode Switch c. Restore the metal plate to its original position over the input mode switch. 3. Secure the power cable lugs to the terminal studs, first with the split washers, then with the nuts as shown in Figure 12 on page 20.

  • Page 24: Step 7: Perform The Initial Software Configuration

    DC power supply terminal studs. 4. Connect each DC power cable to the appropriate external DC power source. NOTE: For information about connecting to external DC power sources, see the SRX5600 Firewall Hardware Documentation at www.juniper.net/documentation/. 5. Switch on the power supply breakers to provide voltage to the DC power source cable leads.

  • Page 25: Enter Configuration Mode

    Enter Configuration Mode 1. If you have not already done so, switch the circuit breaker or toggle switch for each power supply to the ON position to start the device. The OK LED on the power supply faceplate should blink, and then light steadily.

  • Page 26: Configure System Attributes

    3. Commit the configuration to activate it on the firewall. [edit] root@# commit Configure System Attributes 1. Log in as the administrative user that you configured earlier. 2. Configure the name of the firewall. If the name includes spaces, enclose the name in quotation marks (“...
  • Page 27 6. Configure basic security zones and bind them to traffic interfaces. [edit] admin@# set security zones security-zone trust interfaces ge-4/3/5 admin@# set security zones security-zone untrust interfaces ge-4/2/0 7. Configure basic security policies. [edit] policy-name match source- admin@# set security policies from-zone trust to-zone untrust policy address any destination-address any application any policy-name then permit admin@# set security policies from-zone trust to-zone untrust policy...
  • Page 28 { user * { any emergency; file messages { any any; authorization info; file interactive-commands { interactive-commands any; license { autoupdate { url https://ae1.juniper.net/junos/key_retrieval; interfaces { ge-0/0/0 { unit 0; ge-2/0/0 { unit 0 { family inet { address 5.1.1.1/24;...
  • Page 29 ge-2/1/5 { unit 0 { family inet { address 192.1.1.1/24; fxp0 { unit 0 { family inet { address 192.168.10.2/24; routing-options { static { route 0.0.0.0/0 next-hop 5.1.1.2; security { zones { security-zone trust { interfaces { ge-2/1/5.0; security-zone untrust { interfaces { ge-2/0/0.0;...
  • Page 30 Safety Warnings WARNING: See installation instructions before you connect the firewall. This is a summary of safety warnings. For a complete list of warnings for the firewall, including translations, see the SRX5600 Firewall Hardware Documentation at www.juniper.net/ documentation/. WARNING: The intrabuilding port(s) of the firewall is suitable for connection to intrabuilding or unexposed wiring or cabling only.
  • Page 31 • When you are installing the firewall, do not use a ramp inclined more than 10 degrees. • Manually installing the firewall requires at least two people to lift the chassis. Before you lift the SRX5600 Firewall Hardware Guide . To prevent chassis, remove components as described in the injury, keep your back straight and lift with your legs, not your back.
  • Page 32 • Failure to observe these safety warnings can result in serious physical injury. • AC power cable warning (Japan): WARNING: The attached power cable is only for this product. Do not use the cable for another product. SRX5600 Firewall Compliance Statements for EMC Requirements IN THIS SECTION Canada | 30...
  • Page 33 Canada This Class A digital apparatus complies with Canadian ICES-003. Cet appareil numérique de la classe A est conforme à la norme NMB-003 du Canada. European Community This is a Class A product. In a domestic environment this product might cause radio interference in which case the user might be required to take adequate measures.
  • Page 34 Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

This manual is also suitable for:

Srx5800Srx5400

Table of Contents