Copyright Notice

Copyright © 2000-2001 NetScreen Technologies, Inc.
All rights reserved. Printed in USA.

NetScreen, the NetScreen logo, NetScreen-5, NetScreen-10, 
and NetScreen-100 are registered trademarks or trademarks 
of NetScreen Technologies, Inc.

Netscape Communicator is a registered trademark of 
Netscape in the United States and/or other countries. 
Microsoft, Windows and Windows NT are registered 
trademarks of Microsoft Corporation in the U.S.A. and/or 
other countries. Hyperterminal is a registered trademark of 
Hilgaeve Corporation. All other brands and their products 
mentioned in this document are trademarks or registered 
trademarks of their respective owners.

The specifications regarding the products in this manual are 
subject to change without notice. All statements, 
information, and recommendations in this manual are 
believed to be accurate but are presented without warranty 
of any kind, express or implied. Users must take full 
responsibility for their application of any products. This 
document may only be used or copied in accordance with the 
terms of such license.

NetScreen Technologies, Inc. 
350 Oakmead Parkway 
Sunnyvale, CA 94085 U.S.A.
www.netscreen.com

FCC Statement

This equipment has been tested and found to comply with 
the limits for a Class A digital device, pursuant to part 15 of 
the FCC rules. These limits are designed to provide 
reasonable protection against harmful interference in a light 
commercial installation. This equipment generates, uses and 
can radiate radio frequency energy, and, if not installed and 
used in accordance with the instruction, may cause harmful 
interference to radio communications. However, there is no 
guarantee that interference will not occur in a particular 
installation. If this equipment does cause harmful 
interference to radio or television reception, which can be 
determined by turning the equipment off and on, the user is 
encouraged to try to correct the interference by one or more 
of the following measures:

• Reorient or relocate the receiving antenna.

• Increase the separation between the equipment and receiver.

• Consult the dealer or an experienced radio/TV technician for help.

• Connect the equipment to an outlet on a circuit different from that to which the receiver is connected.

Caution: Changes or modifications to this product could 
void the user's warranty and authority to operate this device.

Product License Agreement

PLEASE READ THIS LICENSE AGREEMENT 
(“AGREEMENTS”) CAREFULLY BEFORE USING THIS 
PRODUCT. BY INSTALLING AND OPERATING, YOU 
INDICATE YOUR ACCEPTANCE OF THE TERMS OF 
THIS LEGAL AND BINDING AGREEMENT AND ARE 
CONSENTING TO BE BOUND BY AND ARE BECOMING 
A PART TO THIS AGREEMENT. IF YOU DO NOT AGREE 
TO ALL OF THE TERMS OF THIS AGREEMENT, DO NOT 
START THE INSTALLATION PROCESS.

1. License Grant. This is a license, not a sales agreement, 
between you, the end user, and NetScreen Technologies, Inc. 
(“NetScreen”). The term “Firmware” includes all NetScreen 
and third party Firmware and software provided to you with 
the NetScreen product, and includes any accompanying 
documentation, any updates and enhancements of the 
Firmware and software provided to you by NetScreen, at its 
option. NetScreen grants to you a non-transferable (except as 
provided in section 3 (“Transfer”) below), non-exclusive 
license to use the Firmware and software in accordance with 
the terms set forth in this License Agreement. The Firmware 
and software are “in use” on the product when they are 
loaded into temporary memory (i.e. RAM). 

2. Limitation on Use. You may not attempt and if you are a 
corporation, you will use best efforts to prevent your 
employees and contractors from attempting to, (a) modify, 
translate, reverse engineer, decompile, disassemble, create 
derivative works based on, sublicense, or distribute the 
Firmware or the accompanying documentation; (b) rent or 
lease any rights in the Firmware or software or 
accompanying documentation in any form to any person; or 
(c) remove any proprietary notice, labels, or marks on the 
Firmware, software, documentation, and containers. 

3. Transfer. You may transfer (not rent or lease) the 
Firmware or software to the end user on a permanent basis, 
provided that: (i) the end user receives a copy of this 
Agreement and agrees in writing to be bound by its terms 
and conditions, and (ii) you at all times comply with all 
applicable United States export control laws and regulations.

4. Proprietary Rights. All rights, title, interest, and all 
copyrights to the Firmware, software, documentation, and 
any copy made by you remain with NetScreen. You 
acknowledge that no title to the intellectual property in the 
Firmware and software is transferred to you and you will not 
acquire any rights to the Firmware except for the license as 
expressly set forth herein.

5. Term and Termination. The term of the license is for the 
duration of NetScreen's copyright in the Firmware and 
software. NetScreen may terminate this Agreement 
immediately without notice if you breach or fail to comply 
with any of the terms and conditions of this Agreement. You 
agree that, upon such termination, you will either destroy all 
copies of the documentation or return all materials to 
NetScreen. The provisions of this Agreement, other than the 
license granted in Section 1 (“License Grant”) shall survive 
termination.

Summary of Contents for NetScreen-10 Series

Page 1: ...NETSCREEN Installer's Guide Version P N Rev...

Page 2: ...CATE YOUR ACCEPTANCE OF THE TERMS OF THIS LEGAL AND BINDING AGREEMENT AND ARE CONSENTING TO BE BOUND BY AND ARE BECOMING A PART TO THIS AGREEMENT IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEM...

Page 3: ...TY INCLUDING WITHOUT LIMITATION LOSS OF USE PROFITS GOODWILL SAVINGS LOSS OF DATA DATA FILES OR PROGRAMS THAT MAY HAVE BEEN STORED BY ANY USER OF THE FIRMWARE IN NO EVENT WILL NETSCREEN S OR ITS LICEN...

Page 4: ...iv NetScreen...

Page 5: ...the First Time Using the WebUI Making a Connection Setting the System IP Address Logging On Allowing Outbound Traffic Changing the Administrator Login Name and Password Testing the Configuration Using the CLI Making...

Page 6: ...Warning No User Serviceable Parts Warning Circuit Breaker Warning SELV Circuit Warning Lightning Activity Warning Lithium Battery Warning Product Disposal Warning General Site Requirements Onsite Precautions Equipment Ra...

Page 7: ...cludes diagrams that show the typical placement of the NetScreen device between your network and the Internet and a summary of the tools and information you need before connecting the device Chapter 3...

Page 8: ...i NetScreen NetScreen CLI Reference Guide P N 093 0011 000 Revision C NetScreen WebUI Reference Guide P N 093 0040 000 Revision A NetScreen Concepts Examples ScreenOS Reference Guide P N 093 0039 000...

Page 9: ...lows solid green when power is supplied to the NetScreen 10 100 Status LED glows solid green when the NetScreen 10 100 is first powered up and the unit first performs diagnostics Then the unit goes in...

Page 10: ...cable with RJ45 connectors The DMZ port is a DCE port See Chapter 2 for cabling guidelines Untrusted Port Connect the NetScreen 10 100 using a twisted pair cable with RJ45 connectors The untrusted por...

Page 11: ...t power to the NetScreen 10 100 with the supplied power cable On Off Switch Turns the power to the NetScreen 10 100 on or off Table 1 1 NetScreen 10 100 Model Numbers Model Type Functionality a Firewal...

Page 12: ...etScreen 10 100 menu column and explains the features found under each button The menu column consists of four functional categories System Network Lists and Monitor each of which contains further sub...

Page 13: ...a shown in Figure 1 5 lists the information for each of the menu items above in either a tabular or graphical format These displays generally contain links to other related screens through links such...

Page 14: ...Chapter Hardware and Software Description NetScreen...

Page 15: ...ation requires no tools Rack mounting requires a Phillips head screwdriver the rack mount bracket kit and four screws to match the rack Users will have to supply screws to match rack thread size Table...

Page 16: ...NetScreen 10 100 network connections follow these steps 1 Install the NetScreen 10 100 in a rack optional or on a level surface 2 Make sure that the power connection to the NetScreen 10 100 is turned...

Page 17: ...Figure 2 3 Sample Configuration with a Router Connected to the Untrusted Port Local Area Network LAN Connected to the Trusted Port 7 To use the DMZ interface use a crossover cable to connect the DMZ p...

Page 18: ...Chapter Connecting the NetScreen to the Network NetScreen Figure 2 4 Sample Configuration Using DMZ Port...

Page 19: ...cables depending on your particular configuration A straight through cable is a 10 BaseT unshielded twisted pair UTP and is usually white A crossover cable is a 10 BaseT UTP and is usually orange A DT...

Page 20: ...Chapter Connecting the NetScreen to the Network NetScreen...

Page 21: ...the first time via the Web user interface WebUI and via the command line interface CLI Table 3 1 Administration Requirements lists the workstation requirements for each method The installation procedur...

Page 22: ...0 100 to the Network Setting the System IP Address For remote administration of the NetScreen device over a network connection you must change the system IP address The NetScreen 10 100 ships from the f...

Page 23: ...and then click OK For the first time configuration you are directed to a special setup page as shown in Figure 3 2 Figure 3 2 Initial IP Address Configuration Note The user name and password are case...

Page 24: ...3 3 Configuring in Progress Screen 7 Reconfigure your administration workstation IP address and netmask back to the values you recorded in step 1 Depending on the operating system you might have to r...

Page 25: ...e user name and password and then click OK Remember that the user name and password are case sensitive The Access Policies pages appear with the Outgoing Access Policies page displayed as shown in Fig...

Page 26: ...ion dialog box appears as shown in Figure 3 6 Policy Configuration Dialog Box on page 3 6 Figure 3 6 Policy Configuration Dialog Box 2 Set an Access Policy that allows all inside hosts to access the I...

Page 27: ...OK button The Outgoing Access Policies page now has one Access Policy that permits any inside traffic to pass through the firewall and access the Internet as shown in Figure 3 7 Access Policies Page...

Page 28: ...ted and DMZ interfaces Testing the Configuration From a workstation on the trusted side of the NetScreen 10 100 use your Web browser to access an external Web site for example www netscreen com You sho...

Page 29: ...erent operating system a VT100 terminal emulator Follow these steps to connect the NetScreen device to the workstation 1 Connect the serial cable from the management workstation to the console port on...

Page 30: ...rk connection you must change the system IP address The NetScreen 10 100 ships from the factory with a default IP address of 192 168 1 1 To change this to an address on the same subnet as the other ne...

Page 31: ...s Testing the Configuration From a workstation on the trusted side of the NetScreen 10 100 use a Web browser to access an external Web site for example www netscreen com You should be able to locate th...

Page 32: ...In Transparent mode the NetScreen device filters packets traversing the firewall without modifying any of the source or destination information in the IP packet header Because it does not translate a...

Page 33: ...0 0 0 0 Subnet Mask 0 0 0 0 Default Gateway 0 0 0 0 Manage IP a b c d Traffic Bandwidtha number a Optional setting for traffic shaping Untrusted IP 0 0 0 0 Subnet Mask 0 0 0 0 Default Gateway 0 0 0 0...

Page 34: ...with the IP address of the Untrusted port 1 of the NetScreen device Also it replaces the source port number with another random port number generated by the NetScreen device When the reply packet arri...

Page 35: ...lect b a Optional setting for traffic shaping b Selecting NAT for the Trusted interface defines the mode as NAT Selecting Route defines the mode as Route Untrusted IP a b c d Subnet Mask A B C D Defa...

Page 36: ...ansparent mode you do not need to set up Virtual or Mapped IPs for servers in the DMZ the servers only require Internet routable IP addresses Using Route mode for the Trusted side likewise eliminates...

Page 37: ...face defines the mode as Route Selecting NAT defines the mode as NAT c The default port number is 80 Changing this to any number between 1024 and 32 767 is advised for discouraging unauthorized acces...

Page 38: ...Chapter Configuring the NetScreen for the First Time NetScreen...

Page 39: ...he devices tipping over do not stack or balance the equipment on other devices Make sure the installation is securely in place SAFETY WARNINGS Make sure that you adhere to the following set of safety warni...

Page 40: ...onsole and auxiliary ports contain safety extra low voltage SELV circuits Do not connect the NetScreen 10 100 to a telephone line or any Telco line e g T 1 T 3 RJ 48 lines Danger Do not work on the de...

Page 41: ...Precautions You can place the NetScreen 10 100 on a desktop or mounted in a rack The location of the chassis and the layout of your equipment rack or wiring room are extremely important for proper sys...

Page 42: ...rayed power cords and missing safety grounds Equipment Rack Mounting Guidelines The following information will help you plan an acceptable equipment rack configuration Enclosed racks must have adequate...

Page 43: ...rity Architecture for the Internet Protocol RFC 2402 IP Authentication Header RFC 2403 The Use of HMAC MD5 96 within ESP and AH RFC 2404 The Use of HMAC SHA 1 96 within ESP and AH RFC 2405 The ESP DES...

Page 44: ...Appendix Safety Recommendations and Warnings NetScreen...

Page 45: ...CLI Configuration DMZ port 2 4 initial 2 1 methods 3 1 multiple devices 2 2 testing 3 9 3 12 Connection examples 2 2 Console port 1 2 3 10 Data circuit terminating equipment See DCE Data Communication...

Page 46: ...e 3 2 3 11 NetScreen 10 100 connecting 2 2 Network address translation mode See NAT mode 2 Operating specification A 3 Outgoing access policies 3 5 3 Password changing 3 8 3 12 forgetting 3 8 initial...

Page 47: ...Transparent mode 3 1 3 7 Trusted port 1 2 2 6 8 Untrusted port 1 2 User name initial use 3 3 9 Ventilation A 3 A 4 Warnings A 1 Web administration tools 1 5 Web browser 1 vii requirements 3 1 Web user...

Page 48: ...Index NetScreen...
