Example: Configuring Dip Pools On The Untrust Interface (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SCREENOS DEVICES GUIDE REV 01 Manual
Configuring screenos devices guide
Hide thumbs
Also See for NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SCREENOS DEVICES GUIDE REV 01:
- Manual (340 pages) ,
- Administration manual (1026 pages) ,
- Installation manual (244 pages)
Table of Contents
Advertisement
Related
Documentation
Example: Configuring DIP Pools on the Untrust Interface (NSM Procedure)
Copyright © 2010, Juniper Networks, Inc.
In the navigation tree, select Object Manager > NAT Objects > DIP.
6.
Click the Add icon to display the new Global DIP dialog box.
7.
Configure the Global DIP.
8.
Configure firewall rules:
9.
Rule 1 handles outgoing SIP traffic, and uses the outgoing interface to perform NAT.
Rule 2 handles incoming SIP traffic, and uses the Interface DIP as the destination
to perform NAT.
NOTE: SIP is a predefined service that uses port 5060 as the destination
port. To specify the SIP service in the Service column of a firewall rule, you
must select the predefined service group VoIP, which includes the H.323 and
SIP service objects.
Enabling Managed Devices Using Incoming DIP on page 73
Example: Translating Source IP Addresses into a Different Subnet (NSM Procedure)
on page 69
Interface Network Address Translation Using DIPs on page 67
In this example, you configure a DIP pool on the Untrust interface to perform NAT on
incoming SIP calls. After creating the DIP pool and Global DIP object, you configure a
firewall rule to permit SIP traffic from the Untrust zone to the Trust zone and reference
the DIP pool. You also configure a rule to permit SIP traffic from the Trust to the Untrust
zone, which enables hosts in the Trust zone to register with the proxy in the Untrust zone.
Add a NetScreen-204 device named Office B. Choose Model when adding each device
1.
and configure as running ScreenOS 5.1.
Configure ethernet1 (Trust Zone) for Office B:
2.
Double-click Office B device to open the device configuration. In the device
navigation tree, select Network > Interface.
Double-click ethernet1. The General Properties screen appears.
Configure IP address/netmask as 10.1.1.1/24 and Interface mode as NAT.
Click OK to save your changes.
Configure ethernet3 (Untrust Zone) for Office B:
3.
Double-click ethernet3. The General Properties screen appears.
Configure IP address/netmask as 1.1.1.1/24.
Chapter 3: Network Settings
75
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SCREENOS DEVICES GUIDE REV 01
Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SCREENOS DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper NETWORK AND SECURITY MANAGER 2010.2
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
Need help?
Do you have a question about the NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SCREENOS DEVICES GUIDE REV 01 and is the answer not in the manual?