ISG 2000 User’s Guide
4 Basic Configuration
Basic Configuration
The following sections contain the CLI commands for setting up the ISG 2000 as a
firewall and VPN termination point for the network shown in Figure 5. Entering
these commands gives the ISG 2000 a basic configuration for firewall and VPN
functions.
Figure 5: Basic Firewall and VPN Configuration
[Diagram omitted. Labels recovered from the figure:]
Zones: Untrust Zone (Internet); Trust Zone; MGT Zone
Interfaces: ethernet1/1 1.1.1.1/30; ethernet1/2 1.2.2.1/29; ethernet2/1 10.1.1.1/24 (NAT mode); MGT 10.2.2.1/28
LANs: 10.1.1.0/24 (Trust Zone); 1.2.2.0/29; 10.2.2.0/24; 10.2.2.0/28 (MGT Zone)
Servers: HTTP Server www.jnpr.net 1.2.2.2:80; Mail Relay Server smtp.jnpr.net 1.2.2.3:25
ISP: Default GW 1.1.1.2; DNS #1 2.2.2.5; DNS #2 2.2.2.6
Other labels: DMZ; Remote Peer; VPN Tunnel; Policies
The NetScreen-ISG 2000 permits selected traffic between zones. A route-based VPN
tunnel provides secure bidirectional traffic between the NetScreen-ISG 2000 and a
remote peer.
Note: The rook icon represents a security zone interface.