ملخص المحتوى في الصفحة رقم 1
Security Products
SSG 20 Hardware Installation and Configuration Guide
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, CA 94089
USA
408-745-2000
www.juniper.net
Part Number: 530-015646-01, Revision 03
ملخص المحتوى في الصفحة رقم 2
Copyright Notice Copyright © 2006 Juniper Networks, Inc. All rights reserved. Juniper Networks and the Juniper Networks logo are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks in this document are the property of Juniper Networks or their respective owners. All specifications are subject to change without notice. Juniper Networks assumes no responsibility for any i
ملخص المحتوى في الصفحة رقم 3
Table of Contents About This Guide 5 Organization ....................................................................................................6 WebUI Conventions .........................................................................................6 CLI Conventions...............................................................................................7 Obtaining Documentation and Technical Support............................................8 Chapter 1 Hardware Overview 9 Port a
ملخص المحتوى في الصفحة رقم 4
SSG 20 Hardware Installation and Configuration Guide Using Telnet ............................................................................................30 Default Device Settings ..................................................................................31 Basic Device Configuration ............................................................................33 Root Admin Name and Password............................................................33 Date and Time....................
ملخص المحتوى في الصفحة رقم 5
About This Guide The Juniper Networks Secure Services Gateway (SSG) 20 device is an integrated router and firewall platform that provides Internet Protocol Security (IPSec) virtual private network (VPN) and firewall services for a branch office or a retail outlet. Juniper Networks offers two models of the SSG 20 device: SSG 20, which supports auxiliary (AUX) connectivity SSG 20-WLAN, which supports integrated 802.11a/b/g wireless standards Both SSG 20 devices support universal serial bus (U
ملخص المحتوى في الصفحة رقم 6
SSG 20 Hardware Installation and Configuration Guide Organization This guide contains the following sections: Chapter 1, “Hardware Overview,” describes the chassis and components of an SSG 20 device. Chapter 2, “Installing and Connecting the Device,” describes how to mount an SSG 20 device and how to connect cables and power to the device. Chapter 3, “Configuring the Device,” describes how to configure and manage an SSG 20 device and how to perform some basic configuration tasks. Chapter
ملخص المحتوى في الصفحة رقم 7
About This Guide Figure 1: Navigational Path and Configuration Settings CLI Conventions The following conventions are used to present the syntax of CLI commands in examples and in text. In examples: Anything inside square brackets [ ] is optional. Anything inside braces { } is required. If there is more than one choice, each choice is separated by a pipe ( | ). For example: set interface { ethernet1 | ethernet2 | ethernet3 } manage means “set the management options for the ethernet1, the e
ملخص المحتوى في الصفحة رقم 8
SSG 20 Hardware Installation and Configuration Guide Obtaining Documentation and Technical Support To obtain technical documentation for any Juniper Networks product, visit www.juniper.net/techpubs/. For technical support, open a support case using the Case Manager link at http://www.juniper.net/support/ or call 1-888-314-JTAC (within the United States) or 1-408-745-9500 (outside the United States). If you find any errors or omissions in this document, please contact us at the following emai
ملخص المحتوى في الصفحة رقم 9
Chapter 1 Hardware Overview This chapter provides detailed descriptions of the SSG 20 chassis and its components. It contains the following sections: “Port and Power Connectors” on page 10 “Front Panel” on page 11 “Back Panel” on page 16 9
ملخص المحتوى في الصفحة رقم 10
SSG 20 Hardware Installation and Configuration Guide Port and Power Connectors This section describes and displays the location of the built-in ports and power connectors. Refer to the following figure for built-in port locations and Table 1 for the power connector descriptions. Figure 2: Built-in Port and Mini-PIM Location Mini-PIM 1 Mini-PIM 2 12 LINK SSG 20 POWER PIM 1 802.11a PIM 2 b/g STATUS WLAN 10 /100 0/0 10/100 0/0 10/100 0/0 10 /100 0/0 10 /100 AUX AUX 0/0 AUX Console 0/0 0/1 0/2
ملخص المحتوى في الصفحة رقم 11
Front Panel This section describes the following elements on the front panel of an SSG 20 device: System Status LEDs Port Descriptions Mini Physical Interface Module Port Descriptions System Status LEDs The system status LEDs display information about critical device functions. Figure 3 illustrates the position of each status LED on the front of the SSG 20-WLAN device. The WLAN LEDs are only present on the SSG 20-WLAN device. Figure 3: Status LEDs 12 802.11a POWER PIM 1 STATUS PIM 2 b/g
ملخص المحتوى في الصفحة رقم 12
SSG 20 Hardware Installation and Configuration Guide Name Color Status Description PIM 2 Green On steadily Indicates that the mini PIM is functioning. Blinking Indicates that the mini PIM is passing traffic. Off Indicates that the mini PIM is not operational. WLAN (On WLAN device only) 802.11a Green On steadily Indicates that a wireless connection is established but there is no link activity. Blinking slowly Indicates that a wireless connection is established. The baud rate is proportional to
ملخص المحتوى في الصفحة رقم 13
Port Descriptions This section explains the purpose and function of the following: Ethernet Ports Console Port AUX Port Ethernet Ports Five 10/100 Ethernet ports provide LAN connections to hubs, switches, local servers, and workstations. You can also designate an Ethernet port for management traffic. The ports are labeled 0/0 through 0/4. For the default zone bindings for each Ethernet port, see “Default Device Settings” on page 31. When configuring one of the ports, reference the interfac
ملخص المحتوى في الصفحة رقم 14
SSG 20 Hardware Installation and Configuration Guide AUX Port The auxiliary (AUX) port is an RJ-45 serial port wired as data terminal equipment (DTE) that can be connected to a modem to allow remote administration. We do not recommend using this port for regular remote administration. The AUX port is typically assigned to be the backup serial interface. The baud rate is adjustable from 9600 bps to 115200 bps and requires hardware flow control. Use a straight-through cable when connecting to
ملخص المحتوى في الصفحة رقم 15
Table 4: Mini PIM LED States on the SSG 20 Type Name Color State Description ADSL 2/2+ SYNC Green On steadily Indicates that the ADSL interface is trained (Annex A Blinking Indicates training is in progress and B) Off Indicates that the interface is idle TX/RX Green Blinking Indicates that traffic is passing through Off Indicates that no traffic is passing through ISDN (BRI) CH B1 Green On steadily Indicates that B-Channel 1 is active Off Indicates that B-Channel 1 is not active CH B2 Green On
ملخص المحتوى في الصفحة رقم 16
SSG 20 Hardware Installation and Configuration Guide Back Panel This section describes the following elements on the back panel of an SSG 20 device: Power Adapter Radio Transceivers Grounding Lug Antennae Types USB Port Figure 6: Back Panel of an SSG 20-WLAN Device Antenna B Antenna A Device USB port security lock LOCK B A RESET DC POWER USB 12V 4A Power adapter Reset Grounding pinhole lug Power Adapter The POWER LED on the front panel of a device either glows green or is off. Green
ملخص المحتوى في الصفحة رقم 17
Grounding Lug A one-hole grounding lug is provided on the rear of the chassis to connect the device to earth ground (see Figure 6). To ground the device before connecting power, connect a grounding cable to earth ground and then attach the cable to the lug on the rear of the chassis. Back Panel 17
ملخص المحتوى في الصفحة رقم 18
SSG 20 Hardware Installation and Configuration Guide Antennae Types The SSG 20-WLAN device supports three types of custom-built radio antennae: Diversity antennae — The diversity antennae provide 2dBi directional coverage and a fairly uniform level of signal strength within the area of coverage and are suitable for most installations. This type of antennae is shipped with the device. External omnidirectional antenna — The external antenna provides 2dBi omnidirectional coverage. Unlike dive
ملخص المحتوى في الصفحة رقم 19
Chapter 2 Installing and Connecting the Device This chapter describes how to mount an SSG 20 device and connect cables and power to the device. This chapter contains the following sections: “Before You Begin” on page 20 “Installing Equipment” on page 20 “Connecting Interface Cables to a Device” on page 22 “Connecting the Power” on page 22 “Connecting a Device to a Network” on page 23 For safety warnings and instructions, refer to the Juniper Networks Security NOTE: Products Safety Guide.
ملخص المحتوى في الصفحة رقم 20
SSG 20 Hardware Installation and Configuration Guide Before You Begin The location of the chassis, the layout of the mounting equipment, and the security of your wiring room are crucial for proper system operation. WARNING: To prevent abuse and intrusion by unauthorized personnel, install the SSG 20 device in a secure environment. Observing the following precautions can prevent shutdowns, equipment failures, and injuries: Before installation, always check that the power supply is disconnect