Allowing outbound traffic, Starting a console session using telnet, Ui s – Juniper Networks 5000 SERIES Manuel d'utilisation

Page 37: Onfiguring, Evice, Elnet, Essions

Advertising
background image

Configuring the Device for Telnet and WebUI Sessions

NetScreen-5000 Series

29

3.

Set the IP address and subnet mask by executing the following command:

set interface ethernet2/3 ip ip_addr/mask

where ip_addr is the IP address and mask is the subnet mask. For example, to
set the IP address and subnet mask of the ethernet2/3 interface to
172.16.20.1/16:

set interface ethernet2/3 ip 172.16.20.1/16

4.

(Optional) To confirm the new interface settings, execute the following
command:

get interface ethernet2/3

Allowing Outbound Traffic

By default, the NetScreen-5000 Series device does not allow inbound or outbound traffic,
nor does it allow traffic to or from the DMZ. To permit (or deny) traffic, you must create
access policies.

The following CLI command creates an access policy that permits all kinds of outbound
traffic, from any host in your trusted LAN to any device on the untrusted network.

set policy from trust to untrust any any any permit

Save your access policy configuration with the following command:

save

C

ONFIGURING

THE

D

EVICE

FOR

T

ELNET

AND

W

EB

UI S

ESSIONS

In addition to terminal emulator programs, you can use Telnet (or dialup) to establish
console sessions with the NetScreen-5000 Series device. In addition, you can start
management sessions using the NetScreen WebUI, a web-based GUI management
application.

Starting a Console Session Using Telnet

To establish a Telnet session with the NetScreen-5000 Series device:

1.

Connect an RJ-45 cable from the MGT interface to the internal switch, router, or
hub in your LAN.

2.

Open a Telnet session, specifying the current MGT interface IP address. For
example, in Windows, click Start > Run, enter telnet ip_addr (where ip_addr
is the address of the MGT interface), then click OK.

Important:

Your network might require a more restrictive policy than the one created in

the example above. The example is NOT a requirement for initial configuration. For
detailed information about access policies, see the NetScreen Concepts & Examples
ScreenOS Reference Guide.

Advertising
Marques populaires
Manuels populaires