How to Set Up Your SRX300 Services Gateway

Similar documents
How to Set Up Your SRX340 Services Gateway

How to Set Up Your SRX550 High Memory Services Gateway

How to Set Up Your SRX320 Services Gateway

How to Set Up Your SRX4100 Services Gateway

SRX110 Services Gateway Quick Start

SRX240 Services Gateway Quick Start

Juniper Secure Analytics Quick Start Guide

Conversion Instructions for SSG 300M-series Security Devices and J-series Services Routers

SRX 5600 and SRX 5800 Services Gateway Routing Engine Installation Instructions

DX Application Acceleration Platform Quick Start

Conversion Instructions for SSG 500M-series Security Devices and J-series Services Routers

DX 32xx and DX 36xx Quick Start

SRX 5600 Services Gateway DC Power Supply Installation Instructions

ACX2200 Universal Access Routers Quick Start

IDENTIFICATION OF VOLATILE AND NON-VOLATILE STORAGE AND SANITIZATION OF SYSTEM COMPONENTS JUNIPER NETWORKS SRX-SERIES SRX210B

UTM Content Security Gigabit Gateway CS-950

Manager Appliance Quick Start Guide

CBA850 3G/4G/LTE Wireless WAN Bridge Application Guide

Network Configuration Example

N3240 Installation and Setup Instructions

ACX4000 Universal Access Routers Quick Start

C2000 and C4000 Hardware Quick Start Guide

Junos WebApp Secure 5.0 Hardware Guide

JUNOS Software J Series Services Routers Quick Start

ACX1000 and ACX1100 Universal Access Routers Quick Start

Installing and Managing the Switch

M40e and M160 CIP Installation Instructions

SSG 300M-series Hardware Installation and Configuration Guide

Quick Start. This document describes how to install the Juniper Networks PTX5000 Packet Transport

SRX 5600 Services Gateway Getting Started Guide

PIX 535. PIX 535 Product Overview CHAPTER

Dell SC460 Expansion Enclosure Getting Started Guide

Installation and Configuration Guide

QUICKSTART GUIDE FOR BRANCH SRX SERIES SERVICES GATEWAYS

IDENTIFICATION OF VOLATILE AND NON-VOLATILE STORAGE AND SANITIZATION OF SYSTEM COMPONENTS JUNIPER NETWORKS SRX-SERIES SRX240H

Complete Hardware Guide for EX2200 Ethernet Switches

Installing the Cisco SFS 3504 Server Switch

PIX 515/515E. PIX 515/515E Product Overview CHAPTER

N3150 Installation and Setup Instructions

Network Configuration Example

QFX10008 Switch Quick Start Guide

PIX 520. PIX 520 Product Overview CHAPTER

TASER Axon Dock Installation Manual IMPORTANT SAFETY INSTRUCTIONS

Network Configuration Example

Installation Note for the Cisco ME 3800X and ME 3600X Switch Power Supply and Fan Modules

CM500 High Speed Cable Modem User Manual

MX240 3D Universal Edge Router Quick Start

Release Notes: J-Web Application Package Release 15.1A4 for Juniper Networks EX Series Ethernet Switches

ReadyNAS OS 6 Desktop Storage Systems

N3220 Installation and Setup Instructions

Quick Start Guide. AR530&AR550 Series Industrial Switching Routers. Issue: 07 ( ) Part number: HUAWEI TECHNOLOGIES CO.

Quick Start. M160 Internet Router. Juniper Networks, Inc North Mathilda Avenue Sunnyvale, CA USA

J-series Services Router Crypto Accelerator Module Installation Instructions

McAfee Network Security Platform

Installing the IPS 4345 and IPS 4360

SRX5400 Services Gateway Getting Started Guide

SFP GIGABIT MANAGED SWITCH ECO

Installing the Cisco MDS 9020 Fabric Switch

Quick Installation Guide

SDRAM Installation Instructions

H3C S12500 Routing Switch Series

Gigabit Ethernet Switch. Quick Installation Guide MS400834M

1 Getting Started Installing & Configuring

Allworx 24x Service and Troubleshooting Guide

H3C SecPath M9000-S NSQM2MPUD0 main processing unit

Quick Installation Guide

for Hardware Installation: IG550 Integrated Gateway

Overview of the Cisco VG224 Voice Gateway

M5 and M10 Routers Power Supply and Power Cord Component Replacement Instructions

M-series, MX-series, and T-series Routing Engine and MCS Installation Instructions

Before you begin. Unpack & Prepare. Install Hardware. Connect Drive Shelves. Apply Power. Connect Data Hosts. Connect Ethernet Cables

M-series and T-series Routing Engine and MCS Installation Instructions

Switch Interface Board (SIB) Installation Instructions

QUICK START GUIDE 7000 SERIES DEVICES

Version P/N Rev. A

GigaStor Upgradeable 2U. User Guide

Quick Start Guide. Cisco 220 Series Smart Plus Switches

CM500 High Speed Cable Modem User Manual

24-Port Gigabit with 4 Optional 10G Slots. Layer 3 Managed Stackable Switch XGS / XGS Quick Installation Guide

24-Port Gigabit with 4 Optional 10G Slots. Layer 3 Managed Stackable Switch XGS Quick Installation Guide

Installation and Configuration Guide

Before you begin. Unpack & Prepare. Install Hardware. Connect Drive Trays. Apply Power. Connect Data Hosts. Choose Management Method

Release Notes: J-Web Application Package Release 17.4A1 for EX4300 and EX4600 Switches

JUNOSPHERE RELEASE NOTES

EAP110-Outdoor. Installation Guide. 300Mbps Wireless N Outdoor Access Point

Installing the Cisco AS5400XM Universal Gateway

HP UPS R/T3000 G2. Overview. Precautions. Kit contents. Installation Instructions

UPGRADING STRM TO R1 PATCH

L2+ Managed Metro Ethernet Switch MGSW / MGSD Series

Installing and Removing SDRAM and DRAM

Metro-Optical Transport Access Nodes

Next Generation Firewall

Catalyst 2960-L Series Switches

Hardware Installation Guide Installation (x3350)

Junos Pulse for Google Android

Mediant 800 Gateway and E-SBC

Before you begin. Unpack & Prepare. Install Hardware. Connect Hardware. Apply Power. Choose Management Method. Install & Use SANtricity Software

Internet Telephony PBX System. (30/100/200/500 SIP Users Registrations) IPX-330/IPX-2100/IPX-2200/IPX Quick Installation Guide

EXN4000 Storage Expansion Unit Installation and Setup Instructions

Safe share. Application, installation and technical guide for ADRN Service Slice v1.0. ADRN Service Slice 1

Transcription:

How to Set Up Your SRX300 Services Gateway The SRX300 Services Gateway consolidates security, routing, switching, and WAN interfaces for small retail offices. With advanced threat mitigation capabilities, the services gateway provides cost-effective and secure connectivity. Front Panel Reset Config button Serial Console port 1G Ethernet ports 1G SFP ports With a desktop form-factor chassis, the SRX300 Services Gateway has six 1-Gigabit Ethernet ports, two 1-Gigabit Ethernet SFP ports, 1 USB 3.0 port, Console port (RJ45 and mini-usb), 4 GB of DRAM memory, and 8 GB of flash memory. g000732 Package Contents Power button LEDs USB port Mini-USB Console port ESD point Verify that you have the following parts available: SRX300 Services Gateway Back Panel RJ-45 cable with DB-9 adapter USB cable g000733 Power supply adapter Power cable Grounding point Lock Cable tie holder DC input Warranty and registration information End User License Agreement Quick Start Guide NOTE: The SRX300 Services Gateway shipment package contains a packing list. Check the parts in the shipment against the items on the packing list. If anything is missing or damaged, contact your Juniper Networks customer service representative. Specification Dimensions (D x W x H) Chassis weight Average power consumption Average heat dissipation Relative humidity Value 7.52 in. x 12.63 in. x 1.37 in. (19.10 cm x 32.08 cm x 3.48 cm) 4.38 lb (1.99 kg) 24.9 W 85 BTU/hr 5% to 90%, noncondensing 1

Factory-Default Settings Security Policies Source Zone Destination Zone Policy Action trust untrust permit trust trust permit Initial Configuration Process Install Device in a Rack Connect the Grounding Cable Power On the Device NAT Rules Source Zone Destination Zone Policy Action trust untrust Source NAT to untrust zone interface Interfaces Port Label Interface Security Zone DHCP State IP Address 0/0 and 0/7 ge-0/0/0 and ge-0/0/7 0/1 to 0/6 VLAN Interface irb.0 (ge-0/0/1 to ge-0/0/6) untrust Client Unassigned trust Server 192.168.1.1/24 Verify the Settings Configure Using ZTP/J-Web Connect to Management Device NOTE: Before you begin the installation, see the Safety Guide at https:// www.juniper.net/documentation/hardware/safety-guide/translated/index. html. Install the Device in a Rack 1. Position a mounting bracket on each side of the chassis. Use a number-1 Phillips screwdriver to install the screws that secure the mounting brackets and power supply adapter tray to the chassis. g043616 Services Services SRX300 SSH HTTPS NETCONF over SSH g005160 Protocols 2. Place the power supply adapter in the tray. Protocols RSTP (all interfaces) Screens Screens Basic set of screens are enabled on the untrust zone SRX300 Device Startup Mode Device Startup Mode Switching g005161 How to Set Up Your SRX300 Services Gateway 2

3. Have one person grasp the sides of the device, lift it, and position it in the rack. Align the bottom hole in each mounting bracket with a hole in each rack rail, making sure that the chassis is level. 4. Have a second person install a mounting screw into each of the two aligned holes. Use a number-3 Phillips screwdriver to tighten the mounting screws. Connect the Grounding Cable (Optional) 1. Attach an ESD strap to an ESD point and place the other end of the strap around your bare wrist. 2. Connect the grounding cable to a proper earth ground. 3. Place the grounding cable lug over the grounding point on the rear of the chassis. SRX300 CAUTION: A licensed electrician must attach a cable lug to the grounding cable. A cable with an incorrectly attached lug can damage the device. 4. Secure the grounding cable lug to the grounding point with the screw. g005162 g000735 5. Install the second screw in each mounting bracket. 6. Verify that the mounting screws on one side of the rack are aligned with the mounting screws on the opposite side and that the device is level. The SRX300 Services Gateway can also be mounted on a desk or a wall. For details, see the SRX300 Services Gateway Hardware Guide. NOTE: The mounting kits are not shipped with the device and must be ordered separately. How to Set Up Your SRX300 Services Gateway 3

SRX300 Power On the Device CAUTION: Before connecting the device to the power supply, attach an ESD strap to an ESD point and place the other end of the strap around your bare wrist. 1. Plug the DC connector end of the power cable into the power connector on the rear of the device. LED ALARM STAT PWR HA State Solid amber (noncritical alarm). Solid red (critical alarm). Off (no alarms). Solid green (operating normally). Solid red (error detected). Solid green (receiving power). Solid red (power failure). Off (no power). Solid green (all HA links are available). Solid amber (some HA links are unavailable). g000736 Solid red (HA links are not functional). Off (HA is disabled). 2. Plug the AC adapter end of the power cable into an AC power outlet. 3. Turn on the power to the AC power receptacle. 4. Note the following LED indications. Wait until the STATUS LED is solid green before proceeding to the next step. Connect the Management Device 1. To configure the device using J-Web (recommended), connect any of the network ports numbered 0/1 through 0/6 to the Ethernet port on the management device, using an RJ-45 cable. Ethernet port g000734 RJ-45 cable Ethernet port g000737 NOTE: The ge-0/0/0 and ge-0/0/7 interfaces (ports 0/0 and 0/7) are WAN interfaces. Do not use these ports for the initial configuration procedure. How to Set Up Your SRX300 Services Gateway 4

2. The services gateway functions as a DHCP server and automatically assigns an IP address to the management device. Ensure that the management device acquires an IP address on the 192.168.1.0/24 network from the device. If an IP address is not assigned to the management device, manually configure an IP address in the 192.168.1.0/24 network. Do not assign the 192.168.1.1 IP address to the management device, as this IP address is assigned to the services gateway. By default, the DHCP server is enabled on the L3 VLAN interface, irb.0 (interface ge-0/0/1 to ge-0/0/6), which is configured with an IP address of 192.168.1.1/24. To configure the device automatically using ZTP: NOTE: To complete the ZTP process, ensure that the services gateway is connected to the Internet. See the Connect the Management Device section. If you already have the authentication code, enter the code in the webpage displayed. 3. Connect port 0/0 or 0/7 to the ISP device to obtain a dynamic IP address. 4. Access the J-Web interface (https://192.168.1.1). The recommended browser is Internet Explorer version 10 or 11, Mozilla Firefox version 46 (or later), or Google Chrome 55 (or later). To configure the device using Zero Touch Provisioning, follow the procedure in the Configure the Device Using ZTP with Juniper Networks Network Service Controller section. To configure the device using J-Web, click Skip to J-Web and follow the procedure in the Configure the Device Using J-Web section. Configure the Device Using ZTP with Juniper Networks Network Service Controller Zero Touch Provisioning (ZTP) enables you to complete the initial configuration of the SRX300 Services Gateway in your network automatically, with minimum intervention. Network Service Controller is a component of the Juniper Networks Contrail Service Orchestration platform that simplifies and automates the design and implementation of custom network services that use an open framework. On successful authentication, the initial configuration is applied and committed on the services gateway. Optionally, the latest Junos OS image is installed on the device before the initial configuration is applied. If you do not have the authentication code, you can use the J-Web setup wizard to configure the services gateway. Click Skip to J-Web and follow the procedure in the Configure the Device Using J-Web section. For more information, refer to the Network Service Controller section in the datasheet at http://www.juniper.net/assets/us/en/local/pdf/ datasheets/1000559-en.pdf. How to Set Up Your SRX300 Services Gateway 5

Configure the Device Using J-Web To configure the device using J-Web, follow the steps in this section. Configure the Device Using the Guided Setup Mode 1. Select the expertise level as Basic or Expert. 1. Enter the root authentication password. 2. Select one of the following setup modes: The following table compares the Basic and Expert levels: Options Basic Expert Guided Setup (uses a dynamic IP address) Allows you to set up the device in a custom security configuration. You can select either the Basic or the Expert option. Default Setup (uses a dynamic IP address) Allows you to quickly set up the device with the default configuration. Any additional configuration can be done after the wizard setup is completed. High Availability Allows you to set up a chassis cluster with a default basic configuration. NOTE: The initial configuration requires that you specify the device name and root password. You can skip all the other steps and go directly to the Confirm & Apply page to apply the configuration. Number of internal zones allowed Internet zone configuration options Internal zone service configuration Internal destination NAT configuration 3 3 Static IP Dynamic IP Allowed Not allowed Static IP Static pool Dynamic IP Allowed Allowed How to Set Up Your SRX300 Services Gateway 6

2. Configure the basic settings: a. Device name b. Password for the root account (Use the password that you entered in Step 1 of the Configure the Device Using J-Web section.) c. Time 3. Configure the security topology: a. Internet zone (Untrust) b. Internal zones (Trust) c. DMZ 4. Configure the security policy: a. Licenses (Security services) b. DMZ policy c. Internet and internal policies d. Remote VPN 5. Configure Network Address Translation: a. Internal Source NAT b. Internal Destination NAT c. DMZ Destination NAT 6. Review the settings and click Apply Settings. NOTE: Check the connectivity from the management device to the SRX Series device. You might lose connectivity to the SRX Series device if you have changed the internal zone IP. Click the URL for reconnection instructions on the Confirm & Apply page to reconnect, if required. 7. Click Done to complete the setup. How to Set Up Your SRX300 Services Gateway 7

Configure the Device Using the Default Setup Mode 1. Configure the basic settings device name, root account information, and system time. 2. Configure the security policy licenses. the problem: Verify your configuration settings, and ensure that you have applied the configuration. Check if the ISP-supplied device connecting your SRX Series device to the Internet is turned on and working properly. Try turning it off and on again. After you complete these steps, the SRX Series device can pass traffic from any trust port to the untrust port. NOTE: With this step, you have successfully completed the initial configuration, and your SRX300 Services Gateway is ready for use. Change the Configuration Settings (Optional) After you complete the initial setup configuration, you can access the J-Web setup wizard by clicking Configure > Device Setup > Set Up. You can either edit the existing settings or create a new configuration. If you choose to create a new configuration, then all the current configuration in the services gateway will be deleted. 3. Review the settings and click Apply Settings. Click Done to complete the setup. You can also configure the services gateway using the CLI, by connecting to the Console port. For details, see the SRX300 Services Gateway Hardware Guide. Verify the Settings Access http://www.juniper.net to ensure that you are connected to the Internet. This connectivity ensures that you can pass traffic through the services gateway. If the page does not load, perform the following checks to see if you can identify How to Set Up Your SRX300 Services Gateway 8

Power Off the Device You can power off the device in one of the following ways: Graceful shutdown Press and immediately release the Power button. Forced shutdown Press the Power button, and hold it for 10 seconds. After powering off a power supply, wait at least 60 seconds before turning it back on. Reset the Configuration Use the RESET CONFIG button to restore the device to the factory-default configuration or to a rescue configuration. To press the RESET CONFIG button, insert a small probe (such as a straightened paper clip) into the pinhole on the front panel. Reference Technical Support http://www.juniper.net/support/requesting-support.html SRX300 Services Gateway Hardware Guide http://www.juniper.net/techpubs/en_us/release-independent/junos/ information-products/pathway-pages/hardware/srx300/index.html Supported Transceivers https://pathfinder.juniper.net/hct/product/#prd=srx300 Pressing and quickly releasing the RESET CONFIG button loads and commits the rescue configuration. The rescue configuration is a previously committed, valid configuration set through J-Web or the CLI. The STATUS LED is solid amber during this time. Pressing and holding the RESET CONFIG button for 15 seconds or more, until the STATUS LED is solid amber, deletes all configurations (backup configurations and rescue configuration), and loads and commits the factory configuration. NOTE: After resetting the device, check the device status by viewing the LEDs on the front panel. For information on the LED states, see the Power On the Device section. Next Steps For information on configuring features on your services gateway, refer to the following: Junos OS Documentation/Feature Configuration http://www.juniper.net/techpubs/en_us/release-independent/junos/ information-products/pathway-pages/srx-series/product/index.html Getting Started Knowledge Base Article https://kb.juniper.net/infocenter/index?page=content&id=kb15694 How to Set Up Your SRX300 Services Gateway 9

Copyright 2017, Juniper Networks, Inc. All rights reserved. Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. The Juniper Networks Logo, the Junos logo, and JunosE are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. Part Number: 530-081623 Rev. 01, November 2017.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback