Table 20: Security Device Port Mode Summary (Part 1); Table 21: Security Device Port Mode Summary (Part 2) - Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 Administration Manual

Network and Security Manager Administration Guide
110
NOTE: The serial interface is not available in DMZ-Dual-Untrust port mode.
To enable failover instead of passing traffic simultaneously, you can configure the failover
settings in the device configuration after you have added the device to the management
system. For details, see Network and Security Manager: Configuring ScreenOS and IDP
Devices Guide.
Port Mode Summary
Table 20 on page 110 and Table 21 on page 110 summarize the port, interface, and zone
bindings provided by the ScreenOS port modes. Port numbers are as labeled on the
Juniper Networks security device chassis. The Trust-Untrust mode entries represent the
default port modes.

Table 20: Security Device Port Mode Summary (Part 1)

Trust-Untrust Mode
Port Interface Zone
Untrusted Untrust Untrust
1 Trust Trust
2 Trust Trust
3 Trust Trust
4 Trust Trust
Modem serial Null

Table 21: Security Device Port Mode Summary (Part 2)

Combined Mode
Port Interface Zone
Untrusted ethernet4 Untrust
1 ethernet1 Work
2 ethernet2 Home
3 ethernet2 Home
4 ethernet3 Untrust
Modem N/A N/A
Home-Work Mode Dual Untrust Mode
Interface Zone Interface
ethernet3 Untrust ethernet3
ethernet1 Work ethernet1
ethernet1 Work ethernet1
ethernet2 Home ethernet1
ethernet2 Home ethernet2
serial Null N/A
Trust/Untrust/DMZ
Mode Dual Untrust Mode
Interface Zone Interface
ethernet3 Untrust ethernet4
ethernet1 Trust ethernet1
ethernet1 Trust ethernet1
ethernet2 DMZ ethernet2
ethernet2 DMZ ethernet3
serial Null N/A
Copyright © 2010, Juniper Networks, Inc.
Zone
Untrust
Trust
Trust
Trust
Untrust
N/A
Zone
Untrust
Trust
Trust
DMZ
Untrust
N/A