How to Set Up Your SRX320 Services Gateway

Similar documents
How to Set Up Your SRX300 Services Gateway

How to Set Up Your SRX340 Services Gateway

How to Set Up Your SRX550 High Memory Services Gateway

How to Set Up Your SRX4100 Services Gateway

SRX110 Services Gateway Quick Start

SRX240 Services Gateway Quick Start

Juniper Secure Analytics Quick Start Guide

SRX 5600 and SRX 5800 Services Gateway Routing Engine Installation Instructions

SRX 5600 Services Gateway DC Power Supply Installation Instructions

DX Application Acceleration Platform Quick Start

Conversion Instructions for SSG 300M-series Security Devices and J-series Services Routers

DX 32xx and DX 36xx Quick Start

Network Configuration Example

Conversion Instructions for SSG 500M-series Security Devices and J-series Services Routers

Network Configuration Example

CBA850 3G/4G/LTE Wireless WAN Bridge Application Guide

IDENTIFICATION OF VOLATILE AND NON-VOLATILE STORAGE AND SANITIZATION OF SYSTEM COMPONENTS JUNIPER NETWORKS SRX-SERIES SRX210B

UTM Content Security Gigabit Gateway CS-950

Network Configuration Example

Unified Threat Management

QUICKSTART GUIDE FOR BRANCH SRX SERIES SERVICES GATEWAYS

IDENTIFICATION OF VOLATILE AND NON-VOLATILE STORAGE AND SANITIZATION OF SYSTEM COMPONENTS JUNIPER NETWORKS SRX-SERIES SRX240H

for Hardware Installation: IG550 Integrated Gateway

Network Configuration Example

Installation and Configuration Guide

UPGRADING STRM TO R1 PATCH

ACX2200 Universal Access Routers Quick Start

IDENTIFICATION OF VOLATILE AND NON-VOLATILE STORAGE AND SANITIZATION OF SYSTEM COMPONENTS JUNIPER NETWORKS SRX-SERIES SRX AP(DP)

SSG 300M-series Hardware Installation and Configuration Guide

Wireless LAN. SmartPass Quick Start Guide. Release 9.0. Published: Copyright 2013, Juniper Networks, Inc.

Unified Threat Management

Network Configuration Example

ReadyNAS OS 6 Desktop Storage Systems

Quick Installation Guide

Network Configuration Example

Installation Note for the Cisco ME 3800X and ME 3600X Switch Power Supply and Fan Modules

Junos Pulse for Google Android

JUNOS Software J Series Services Routers Quick Start

Manager Appliance Quick Start Guide

SDRAM Installation Instructions

IndigoVision Enterprise NVR-AS 4000 Linux Appliance. Quick Start Guide

Unified Threat Management

Configuring the Switch

Complete Hardware Guide for EX2200 Ethernet Switches

Internet Telephony PBX System. (30/100/500 SIP Users Registrations) IPX-330 / IPX-2100 / IPX Quick Installation Guide

IDENTIFICATION OF VOLATILE AND NON-VOLATILE STORAGE AND SANITIZATION OF SYSTEM COMPONENTS JUNIPER NETWORKS SRX SERIES SERVICES GATEWAY SRX650

Switch Interface Board (SIB) Installation Instructions

SFP GIGABIT MANAGED SWITCH ECO

Internet Telephony PBX System. (30/100/200/500 SIP Users Registrations) IPX-330/IPX-2100/IPX-2200/IPX Quick Installation Guide

ACX4000 Universal Access Routers Quick Start

UTM Content Security Gateway CS-2001

C2000 and C4000 Hardware Quick Start Guide

J-series Services Router Crypto Accelerator Module Installation Instructions

M40e and M160 CIP Installation Instructions

Juniper Exam JN0-696 Security Support, Professional (JNCSP-SEC) Version: 9.0 [ Total Questions: 71 ]

JUNOSPHERE RELEASE NOTES

ACX1000 and ACX1100 Universal Access Routers Quick Start

Network Configuration Example

Installation and Configuration Guide

TEW-211BRP. Wireless AP Router. User s Manual

DVG-6008S FXO VoIP Router

Gigabit SSL VPN Security Router SG-4800

M-series, MX-series, and T-series Routing Engine and MCS Installation Instructions

Allworx 24x Service and Troubleshooting Guide

M5 and M10 Routers Power Supply and Power Cord Component Replacement Instructions

Juniper Secure Analytics

Wireless Network Video Recorder

Installing and Managing the Switch

Overview of the Cisco VG224 Voice Gateway

CONFIGURING THE CX111 FOR THE SSG SERIES

Revision History E F G H J K Revision Description: K > Allegion Rebranding.

Network Configuration Example

Network Configuration Example

Cajun P333R. Quick Start Guide. Unpack 1. Rack mount (optional) 2. Power up 3. Connect the cables 4. Configure 5. Run Web-based Manager (optional)

Configuring Dynamic VPN

H3C SecPath M9000-S NSQM2MPUD0 main processing unit

Catalyst 2960-X and 2960-XR Switch Hardware Guide

Safe share. Application, installation and technical guide for ADRN Service Slice v1.0. ADRN Service Slice 1

Internet Telephony Gateway VGW-402 / VGW-400FS / VGW-400FO. Quick Installation Guide

16/24-Port 10/100/1000T 802.3at PoE + 2-Port 100/1000X SFP Managed Switch GS P2S GS P2S. Quick Installation Guide

N3240 Installation and Setup Instructions

Gigabit Ethernet Switch. Quick Installation Guide MS400834M

Installation and Configuration Guide

Network Configuration Example

EAP110-Outdoor. Installation Guide. 300Mbps Wireless N Outdoor Access Point

DNS-2608 Enterprise JBOD Enclosure User Manual

SRX 5600 Services Gateway Getting Started Guide

Catalyst 2360 Switch Getting Started Guide

Perle SMI Media Converter Installation Guide

Release Notes: J-Web Application Package Release 17.4A1 for EX4300 and EX4600 Switches

L2+ Managed Gigabit/10 Gigabit Ethernet Switch GS-5220 Series

Mediatrix 4400 Digital Gateway ISDN Telephones

TZ 170 Quick Start Guide

Quick Installation Guide DSL-2540U. ADSL Annex B/Ethernet Router with Built-in Switch

24-Port 100/1000X SFP + 4-Port 10G SFP+ Managed. Metro Ethernet Switch MGSW-28240F. Quick Installation Guide

Version P/N Rev. A

EXAM - JN ACX, Specialist (JNCIS-ACX) Buy Full Product.

Installing the IPS 4345 and IPS 4360

User Manual DIR-850L. Wireless AC1200 Dual Band Gigabit Router.

Configuring the Switch

Transcription:

How to Set Up Your SRX320 Services Gateway The SRX320 Services Gateway consolidates security, routing, switching, and WAN interfaces for small distributed enterprises. With advanced threat mitigation capabilities, the services gateway provides cost-effective and secure connectivity across distributed enterprises. Front Panel Reset Config button Serial Console port Mini-PIM slots With a desktop form-factor chassis, the SRX320 Services Gateway has six 1G Ethernet ports, two 1 G SFP ports, 4 GB of DRAM memory, and 8 GB of flash memory. The SRX320 Services Gateway is available with or without Power over Ethernet (PoE) capability. In the PoE model, the six Ethernet ports are PoE capable. g000753 Package Contents Power button LEDs USB port Mini-USB Console port 1G Ethernet ports 1G SFP ports Back Panel Lock Fans Cable tie holder SRX320 g000754 DB9 adapter Grounding point DC input RJ45 cable USB cable Specification SRX320 SRX320-PoE Dimensions (H x W x D) 7.52 in. x 11.81 in. x 1.73 in. 7.52 in. x 11.81 in. x 1.73 in. Power cable Chassis weight 3.28 lb 3.4 lb Average power consumption 27 W 112 W Average heat dissipation 157 BTU/hr 755 BTU/hr End-User License Agreement Safety Guide Quick Start Guide Warranty and Registration Information Power supply adapter g000752 Relative humidity 5% to 90%, noncondensing 5% to 90%, noncondensing Noise level 35 dba 40 dba 1

Gather Configuration Information Gather information about your network and the configuration settings that you will use to configure the device. Required Device name Root authentication Optional NTP server name or IP address Licenses Internet zone Static IP or Dynamic IP (provided by ISP) Port number DMZ Network IP address Port number Internal zone Zone name Network IP address Port number DHCP server Security policies Factory-Default Settings Security Policies Source Zone Destination Zone Policy Action trust untrust permit trust trust permit untrust trust deny NAT Rules Source Zone Destination Zone Policy Action trust untrust Source NAT to untrust zone interface Interfaces Port Label Interface Security Zone DHCP State IP Address 0/0 ge-0/0/0 untrust Client Dynamically assigned 0/1 ge-0/0/1 trust Server 192.168.1.1/24 0/2 ge-0/0/2 trust Server 192.168.2.1/24 0/3 ge-0/0/3 trust Server 192.168.3.1/24 0/4 ge-0/0/4 trust Server 192.168.4.1/24 0/5 ge-0/0/5 trust Server 192.168.5.1/24 Initial Configuration Process Connect the Grounding Cable (Optional) Power On the Device Connect the Management Device Remote client IP pool range Source NAT Internal zones for which source NAT has been added Verify the Settings Configure Using Guided/ Default Setup Log in to J-Web g000738 IP address or hostname How to Set Up Your SRX320 Services Gateway 2

Connect the Grounding Cable (Optional) 1. Connect the grounding cable to a proper earth ground. 2. Place the grounding cable lug over the grounding point on the rear of the chassis. NOTE: A licensed electrician must attach a cable lug to the grounding cable. A cable with an incorrectly attached lug can damage the device. 3. Secure the grounding cable lug to the grounding point with the screw. Apply between 6 in.-lb (0.67 Nm) and 8 in.-lb (0.9 Nm) of torque to the screw. Power On the Device NOTE: Before connecting the device to the power supply, attach an ESD strap to an ESD point and place the other end of the strap around your bare wrist. 1. Plug the DC connector end of the power cable into the power connector on the rear of the device. 2. Plug the AC adapter end of the power cable into an AC power outlet. Grounding point on the chassis Grounding screw Grounding lug g000757 3. Turn on the power to the AC power receptacle. g000756 4. Note the following LED indications. Wait until the STATUS LED is solid green before proceeding to the next step. g000755 How to Set Up Your SRX320 Services Gateway 3

LED ALARM State Solid amber (noncritical alarm). Solid red (critical alarm). Off (no alarms). NOTE: The ge-0/0/0 interface (port 0/0) is a WAN interface. Do not use this port for the initial configuration procedure. If you will be using the Default setup mode to configure the device, use only port 0/1. For information on the setup modes, see page 5. STAT PWR HA mpim1, mpim2 Solid green (operating normally). Solid red (error detected). Solid green (receiving power). Solid red (power failure). Off (no power). Solid green (all HA links are available). Solid amber (some HA links are unavailable). Solid red (HA links are not functional). Off (HA is disabled). Connect the Management Device Green (mini-pim is present and detected by the device). Off (mini-pim is not present or not detected by the device). 1. To configure the device using J-Web (recommended), connect any of the network ports numbered 0/1 through 0/5 to the Ethernet port on the management device, using an RJ-45 cable. 2. Ensure that the management device acquires an IP address. The IP address should be on the corresponding IP subnet for the interface you connected to in step 1. The device functions as a DHCP server and will assign an IP address to the management device. For example, if you are connected to port 0/1, then the IP address of the management device should be from the 192.168.1.x network. If an IP address is not assigned to the management device, manually configure an IP address. Do not assign the 192.168.1.1 IP address to the management device, as this IP address is assigned to the device. You can use the ipconfig (or ifconfig for Macintosh or Linux users) command to verify the IP address. Refer to the Interfaces table on page 2 for information on the subnet for each interface. NOTE: To configure the device using the CLI, connect the RJ-45 cable from the CONSOLE port to the supplied DB-9 adapter, which then connects to the serial port on the management device (serial port settings: 9600-N-1). Alternately, you can use the USB cable to connect to the mini-usb console port on the services gateway. To use the USB console port, you must download a USB driver to the management device from http://www.juniper.net/support/downloads/group/?f=junos. Ethernet port RJ-45 cable Ethernet port g000977 How to Set Up Your SRX320 Services Gateway 4

Log In to J-Web 1. Access the J-Web interface using the URL http://192.168.x.1, where x is the port number to which you are connected on the services gateway. The recommended browser is Mozilla Firefox version 23.x or later. 2. Select one of the following setup modes: Configure the Device Using the Guided Setup Mode 1. Connect port 0/0 to the ISP device to obtain a static IP address. Ensure that the cable connecting the ISP-supplied device to the SRX Series device is firmly seated. 2. Select the expertise level as Basic or Expert. Guided Setup (uses a static IP address) Allows you to set up the device in a custom security configuration. You can select either the Basic or the Expert option. The following table compares the Basic and Expert levels: Options Basic Expert Default Setup (uses a dynamic IP address) Allows you to quickly set up the device with the default configuration. Any additional configuration can be done after the wizard setup is completed. High Availability Allows you to set up a chassis cluster with a default basic configuration. Number of internal zones allowed Internet zone configuration options 3 3 Static IP Dynamic IP Static IP Static pool Dynamic IP NOTE: The initial configuration requires only the device name and root password. You can skip all the other steps and go directly to the Confirm & Apply page to apply the configuration. Internal zone service configuration Internal destination NAT configuration Allowed Not allowed Allowed Allowed How to Set Up Your SRX320 Services Gateway 5

3. Configure the basic settings: a. Device name b. Password for the root account c. Time 4. Configure the security topology: a. Internet zone b. Internal zones c. DMZ 5. Configure the security policy: a. Licenses b. DMZ policy c. Internal policy d. Remote access 6. Configure Network Address Translation: a. Source NAT b. Destination NAT 7. Review the settings and click Apply Settings. NOTE: Check the connectivity from the management device to the SRX Series device. You might lose connectivity to the SRX Series device if you have changed the management zone IP. Click the URL for reconnection instructions on the Confirm & Apply page to reconnect, if required. 8. Click Done to complete the setup. How to Set Up Your SRX320 Services Gateway 6

Configure the Device Using the Default Setup Mode 1. Connect port 0/0 to the ISP device to obtain a dynamic IP address. Ensure that the cable connecting the ISP-supplied device to the SRX Series device is firmly seated. Verify the Settings Access http://www.juniper.net to ensure that you are connected to the Internet. This connectivity ensures that you can pass traffic through the services gateway. NOTE: Verify that the management device is connected to port 0/1 on the services gateway before proceeding to the next step. 2. Configure the basic settings device name, root account information, and system time. 3. Configure the security policy licenses. If the page does not load, perform the following checks to see if you can identify the problem: Verify your configuration settings, and ensure that you have applied the configuration. Check if the ISP-supplied device connecting your SRX Series device to the Internet is turned on and working properly. Try turning it off and on again. After you complete these steps, the SRX Series device can pass traffic from any trust port to the untrust port. NOTE: With this step, you have successfully completed the initial configuration, and your SRX320 Services Gateway is ready for use. 4. Review the settings and click Apply Settings. Click Done to complete the setup. NOTE: Check the connectivity from the management device to the SRX Series device. You might lose connectivity to the SRX Series device if you have changed the management zone IP. Click the URL for reconnection instructions on the Confirm & Apply page to reconnect, if required. How to Set Up Your SRX320 Services Gateway 7

Change the Configuration Settings (Optional) After you complete the initial setup configuration, you can access the J-Web setup wizard by clicking Configuration Wizards > Set Up. You can either edit the existing settings or create a new configuration. If you choose to create a new configuration, then all the current configuration in the services gateway will be deleted. Reset the Configuration Use the RESET CONFIG button to restore the device to the factory-default configuration or to a rescue configuration. To press the RESET CONFIG button, insert a small probe (such as a straightened paper clip) into the pinhole on the front panel. Pressing and quickly releasing the RESET CONFIG button loads and commits the rescue configuration. The rescue configuration is a previously committed, valid configuration set through J-Web or the CLI. The STATUS LED is solid amber during this time. Pressing and holding the RESET CONFIG button for 15 seconds or more, until the STATUS LED is solid amber, deletes all configurations (backup configurations and rescue configuration), and loads and commits the factory configuration. NOTE: After a rescue configuration has been set, an amber ALARM LED indicates a minor issue, and a solid red ALARM LED indicates a major problem. Reference Junos OS Documentation http://www.juniper.net/techpubs/en_us/release-independent/junos/ information-products/pathway-pages/srx-series/product/index.html Technical Support http://www.juniper.net/support/requesting-support.html Power Off the Device You can power off the device in one of the following ways: SRX320 Services Gateway Hardware Guide http://www.juniper.net/techpubs/en_us/release-independent/junos/ information-products/pathway-pages/srx-series/product/index.html Graceful shutdown Press and immediately release the Power button. Forced shutdown Press the Power button, and hold it for 10 seconds. After powering off a power supply, wait at least 60 seconds before turning it back on. Copyright 2016, Juniper Networks, Inc. All rights reserved. Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. The Juniper Networks Logo, the Junos logo, and JunosE are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. Part Number: 530-066669 Rev. 01, March 2016.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback