Juniper Networks 200 - Manual

NetScreen-200 Series 1 1 Chapter 1 Overview This chapter provides detailed descriptions of the NetScreen-200 Series system devices and their components. Topics in this chapter include: • “NetScreen-200 Systems” on page 2 – “NetScreen-204 Device” on page 2 – “NetScreen-208 Device” on page 2 • “The Fr...

Chapter 1 Overview 2 User’s Guide N ET S CREEN -200 S YSTEMS This NetScreen-200 Series currently includes the NetScreen-204 device and the NetScreen-208 device. NetScreen-204 Device The NetScreen-204 is a chassis-based, rack-mountable network security device with four ethernet 10/100 Base-T interfac...

The Front Panel NetScreen-200 Series 3 T HE F RONT P ANEL The features shared in common by NetScreen-204 and NetScreen-208 devices include: • A System Status LED display • An Asset Recovery Pinhole • A Console port • A Modem port • A Compact Flash Card Slot • Ethernet interfaces System Status LED Di...

Chapter 1 Overview 4 User’s Guide Asset Recovery Pinhole The Asset Recovery Pinhole is a button that resets the device to its original default settings. To use this button, insert a stiff wire (such as a straightened paper clip) into the pinhole. Alarm System Alarm red Critical alarm: • Failure of h...

The Front Panel NetScreen-200 Series 5 Console and Modem Ports The Console port is an RJ-45 serial console port connector, for vt100 terminal emulator programs to perform local configuration and administration. The Modem port is an RJ-45 serial console port connector, for establishing remote console...

Chapter 1 Overview 6 User’s Guide Ethernet Interfaces Each Ethernet port is a 10/100 auto-sensing interface with two link LEDs. The left LED indicates network traffic, and the right LED indicates an active network link. T HE R EAR P ANEL The figure below shows the rear panel of a NetScreen-200 Serie...

The Rear Panel NetScreen-200 Series 7 Power Fuse Each NetScreen-200 Series device uses a 2.5 Amp, slow-blow power fuse rated for 250 Volts. To replace a fuse on a NetScreen-200 Series device: 1. Take the device off-line by turning the power switch OFF and disconnecting the power cable. 2. Using a sc...

NetScreen-200 Series 9 2 Chapter 2 Installing the Device This chapter describes how to install a device in an equipment rack or on a desktop, and how to connect the device to other devices. Topics in this chapter include: • “General Installation Guidelines” on page 10 • “Performing Equipment-Rack In...

Chapter 2 Installing the Device 10 User’s Guide G ENERAL I NSTALLATION G UIDELINES Observing the following precautions can prevent injuries, equipment failures and shutdowns. • Never assume that the power supply is disconnected from a power source. Always check first. • Room temperature might not be...

Connecting the Power NetScreen-200 Series 11 There are two ways to rack-mount the NetScreen-200 Series: • Front mount • Mid-mount Front Mount To front mount the NetScreen-200 Series device on your equipment rack: 1. Screw the front mount bracket to the side of the chassis. 2. Screw the front mount b...

Chapter 2 Installing the Device 12 User’s Guide W IRING A DC P OWER S UPPLY The DC power supply, ON/OFF switch, grounding screw, and terminal blocks, are located in the back of the chassis of the power supply unit. To connect the DC power supply to a grounding point at your site: 1. Remove the hex n...

NetScreen-200 Series 15 3 Chapter 3 Configuring the Device This chapter describes how to perform initial configuration on a NetScreen-200 Series device once you have mounted it in a rack or desktop, plugged in the necessary cables, then turn the power ON. Topics in this chapter include: • “Operation...

Chapter 3 Configuring the Device 16 User’s Guide O PERATIONAL M ODES The NetScreen-200 Series device supports two device modes: Transparent mode and Route mode. The default mode is Route. Transparent Mode In Transparent mode, the NetScreen-200 device operates as a Layer-2 bridge. Because the device ...

Chapter 3 Configuring the Device 18 User’s Guide C ONNECTING THE D EVICE AS A S INGLE S ECURITY G ATEWAY There are many ways to connect a NetScreen-200 Series device to your network system. In most cases, the device serves as a single security gateway that protects at least one LAN (usually connecte...

Connecting the Device as a Single Security Gateway NetScreen-200 Series 19 In the following example, a NetScreen-208 device connects to a protected LAN through ethernet1 (bound to the Trust security zone) and to a protected DMZ through ethernet2 (bound to the DMZ security zone). The device connects ...

Chapter 3 Configuring the Device 20 User’s Guide E STABLISHING AN HA C ONNECTION B ETWEEN D EVICES To assure continuous traffic flow in the event of system failure, you can cable and configure two NetScreen devices in a redundant cluster. The devices propagate all network, configuration and session ...

Chapter 3 Configuring the Device 22 User’s Guide Switches 11. Cable together the switches labeled “Switch 3” and “Switch 4.”12. Cable together the switches labeled “Layer 3 switch 1” and “Layer 3 switch 2.”13. Cable the switches labeled “Layer 3 switch 1” and “Layer 3 switch 2” to routers. 14. Turn ...

Performing Initial Connection and Configuration NetScreen-200 Series 23 6. At the password prompt, type netscreen . 7. (Optional) By default, the console times out and terminates automatically after 10 minutes of idle time. To change this timeout interval, execute the following command: set console ...

Chapter 3 Configuring the Device 24 User’s Guide Setting the IP Address of the Management Interface To make an interface work as the management interface, you must set the IP address and subnet mask to the same address range as your computer (or LAN). Use the CLI save command to save your configurat...

Configuring the Device fo r T elnet and WebUI Sessions NetScreen-200 Series 25 Allowing Outbound Traffic By default, the NetScreen-200 Series device does not allow inbound or outbound traffic, nor does it allow traffic to or from the DMZ. To permit (or deny) traffic, you must create access policies....

Chapter 3 Configuring the Device 26 User’s Guide 5. (Optional) By default, the console times out and terminates automatically after 10 minutes of idle time. To change this timeout interval, execute the following command: set console timeout number where number is the length of idle time in minutes b...

Chapter 3 Configuring the Device 28 User’s Guide A SSET R ECOVERY If you lose the admin password, you can use one of the following procedures to reset the NetScreen device to its default settings. This destroys any existing configurations, but restores access to the device. Using CLI Commands to Res...

Asset Recovery NetScreen-200 Series 29 Using the Asset Recovery Pinhole to Reset the Device You can also reset the device and restore the factory default settings by pressing the asset recovery pinhole. To perform this operation, you need to make a console connection, as described in “Establishing a...

NetScreen-200 Series A-I A Appendix A Specifications This appendix provides general system specifications for the NetScreen-200 Series devices. • “NetScreen-200 Attributes” on page A-II • “Electrical Specification” on page A-II • “Environmental” on page A-II • “Safety Certifications” on page A-II • ...

Appendix A Specifications A-II User’s Guide N ET S CREEN -200 A TTRIBUTES Height: 1.73 inches (4.4 cm) Depth: 10.8 inches (27.4 cm) Width: 17.5 inches (44.5 cm) Weight: 8 pounds (36 hg) E LECTRICAL S PECIFICATION AC voltage: 100-240 VAC +/- 10% DC voltage: -36 to -60 VDC AC Watts: 45 Watts DC Watts:...

Index NetScreen-200 Series IX-I Index A asset recovery 28 B back panel 6 C cables connections 19 power 19 RJ-45 connectors 17 RJ45 connectors 5 , 13 twisted pair 13 , 17 cabling network interfaces 25 power supply 21 changing login and password 23 changing timeout 23 , 26 compact flash card slot 5 co...