Juniper NetScreen-5GT Getting Started Manual

Getting Started Guide

CONNECTING THE DEVICE

Use the instructions below to connect the NetScreen-5GT Wireless ADSL device and
prepare to configure it to protect your network. Use the LEDs on the front panel to help
you determine the device status.

Step 1

Connect the provided ADSL cable from the ADSL port of the
NetScreen device to the telephone outlet.

Note: You can obtain and install a signal splitter on the ADSL line.
The splitter divides the ADSL signal into low-frequency voice signals
for voice calls and high-frequency data signals for data traffic. You
can also install microfilters on telephones that share the ADSL line.

Step 2

Note: You can access the Initial Configuration Wizard (ICW) from
the Trust Ethernet interface.

• If the workstation is in a LAN (see diagram), connect an
Ethernet cable from the Trusted port to the internal switch or
hub.

• If the workstation is a single computer, connect an Ethernet
cable from the Trusted port directly to the Ethernet port on the
workstation. We recommend this connection method.

Step 3

Connect the power cable between the NetScreen device and a
power source. We recommend using a surge protector.

a. Ensure that the Power LED glows green. This indicates that the

device is receiving power.

b. After the device starts (about 30 seconds), ensure that the Status

LED blinks green. This indicates that the device is operating
normally.

c. Ensure that the Link Activity LEDs glow green for the connected

interfaces. This indicates that the device has network
connectivity.

Step 4

Configure the workstation to access the NetScreen device via a web
browser:

a. Ensure that your workstation is properly connected to your LAN

(use the diagram above).

b. Change the TCP/IP settings of your workstation to obtain its IP

address automatically from the NetScreen device via DHCP. For
help, see the operating system documentation for your
workstation.

Note: Ensure that your internal network does not already have a
DHCP server.

c. If necessary, restart your workstation to enable the changes to

take effect.

Getting Started

Use the instructions in this guide to help you connect and configure your NetScreen-5GT Wireless
ADSL device. For additional configuration information, see the NetScreen-5GT Wireless User’s Guide,
NetScreen Wireless Reference Guide, and NetScreen ADSL Reference Guide. For information on ADSL
line compatibility, see http://www.juniper.net/products/integrated/5GT-ADSL/.

1

2

Internet

Telephone

Outlet

LAN

The numbers on the diagram are paired with the

steps below.

Hub/Switch

wireless2

wireless1

Trust Zone

Wzone1 zone

3a

3b

3c

Juniper Networks

NetScreen-5GT Wireless ADSL

Getting Started Guide

CONFIGURING THE DEVICE

Use the Initial Configuration Wizard (ICW) to configure the NetScreen-5GT Wireless
ADSL device. Before starting the Wizard, decide how you want to deploy your device.
(For additional information, see the NetScreen-5GT Wireless User’s Guide.)

Network Address Translation (NAT). You can deploy the NetScreen
device in Route mode with NAT enabled on the Trust and wireless2
interfaces (Trust zone interfaces) or in Route mode without NAT.
When using Route mode with NAT enabled, the NetScreen device
replaces the source IP address of the sending host with the IP address
of the Untrust zone interface. Route mode with NAT is the most
common way to configure the Trust zone interfaces on the NetScreen
device. Your network uses the Untrust zone interface to connect to
the Internet. This interface can have a static IP address or a dynamic
IP address assigned via DHCP, PPPoA, or PPPoE. When using Route
mode without NAT, an interface routes traffic without changing the
source address and port number in the IP packet header. You must
assign public IP addresses to hosts connected to the Trust zone
interfaces. To configure the Untrust zone interface, you need to
configure the IP address of the interface that is connected to the
service provider’s Digital Subscriber Line Access Multiplexer
(DSLAM).

Port Mode. A port mode binds interfaces to zones. The default port
mode, Trust-Untrust, binds the Trust Ethernet and wireless2 interfaces
to the Trust zone, the wireless1 interface to the Wzone1 zone, and
the ADSL interface to the Untrust zone.

Wireless Interfaces. By default, the wireless2 interface is bound to
the Trust zone. The default IP address and netmask for the wireless2
interface is 192.168.2.1/24. You can change this address to match
existing IP addresses on your network. The wireless1 interface is
bound to the Wzone1 zone and does not have an IP address
assigned to it.

ADSL Interface. By default, the ADSL interface is bound to the
Untrust zone and is the primary interface for traffic to the outside
network.

Trust Ethernet Interface IP Address. The default IP address and
netmask for the Trust interface is 192.168.1.1/24, which is located
in the Trust zone. You can change this address to match IP addresses
that exist on your network.

Assigning IP Addresses to Hosts in the Trust Zone (Enable DHCP
Server). You can choose to have the NetScreen device assign IP
addresses via DHCP to wired or wireless hosts in your network. If
you have the device assign IP addresses, you can define the range of
addresses to be assigned. You need to ensure that the range of
addresses is in the same subnetwork as the Trust Ethernet interface
or the wireless2 interface IP address.

Step 1

Launch a Web browser. In the URL address field, enter
http://192.168.1.1. The Rapid Deployment Wizard window
appears.

Note: You can access the Initial Configuration Wizard (ICW) from
the Trust Ethernet interface.

Step 2

If your network uses Juniper Networks NetScreen-Security Manager,
you can use a Rapid Deployment configlet to automatically configure
the NetScreen device. Obtain a configlet from your Security
Manager administrator, select the Yes option, select the Load
Configlet from: option, browse to the file location, and click Next.
The configlet sets up the NetScreen device for you. If you use a
configlet, you can skip the remaining instructions in this guide.

If you need to change the port mode on the device, select the
Change the Port Mode option, select the port mode from the
drop-down menu, and click Apply before loading the configlet.

Note: Skip the ICW if you want to configure the Extended port
mode on the NetScreen-5GT Wireless ADSL device. You must use
the WebUI or CLI to configure this port mode.

If you want to bypass the configuration wizard and go directly to the
WebUI, select the last option, and click Next. (See the
NetScreen-5GT Wireless User’s Guide for information on using the
WebUI to configure the device.)

If you are not using a configlet to configure the NetScreen device
and want to use the configuration wizard, select the first option, and
click Next. The Initial Configuration Wizard welcome screen
appears. Click Next.

Step 3

Enter a new administrator login name and password, and click
Next.

Step 4

Check the Enable NAT check box if you want the NetScreen device
to be in Route mode with NAT enabled. Click Next.