How it Works
Juniper Networks
Loading...
NetScreen-5GT
User Manual
40 pgs1.08 Mb0
Table of contents
Loading...

Juniper Networks NetScreen-5GT User Manual

NETSCREEN-5GT WIRELESS
User’s Guide
Version 5.0.0 P/N 093-XXXX-000 Rev. Beta
Copyright Notice
This equipment has been tested and found to comply with the limits for a Class B digital device,  pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection  against harmful interference in a residential installation. This equipment generates, uses and can  radiate radio frequency energy and, if not installed and used in accordance with the instructions, may  cause harmful interference to radio communications. However, there is no guarantee that interference  will not occur in a particular installation. If this equipment does cause harmful interference to  radio or television reception, which can be determined by turning the equipment off and on, the user  is encouraged to try to correct the interference by one of the following measures:
-Reorient or relocate the receiving antenna.
-Increase the separation between the equipment and receiver.
-Connect the equipment into an outlet on a circuit different from that to which the receiver is  connected.
-Consult the dealer or an experienced radio/TV technician for help.  This device complies with Part 15 of the FCC Rules. Operation is subject to the following two  conditions: (1) This device may not cause harmful interference, and (2) this device must accept any  interference received, including interference that may cause undesired operation.  FCC Caution: Any changes or modifications not expressly approved by the party responsible for  compliance could void the user's authority to operate this equipment.
This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment.  This equipment should be installed and operated with minimum distance 20cm between the radiator & your  body. This transmitter must not be co-located or operating in conjunction with any other antenna or  transmitter.  Juniper declared that NS-5GT-WIRELESS ADSL A is limited in CH1~11 from 2400 to 2483.5 MHz by specified  firmware controlled in USA.
IMPORTANT NOTE: FCC Radiation Exposure Statement:
Operation is subject to the following two conditions:
1) this device may not cause interference and(2) this device must accept any interference, including  interference that may cause undesired operation of the device  This device has been designed to operate with an antenna having a maximum gain of 6 dBi. Antenna having a higher gain is strictly prohibited per regulations of Industry Canada. The required  antenna impedance is 50 ohms.  To reduce potential radio interference to other users, the antenna type and its gain should be so chosen  that the EIRP is not more than required for successful communication.  To prevent radio interference to the licensed service, this device is intended to be operated indoors  and away from windows to provide maximum shielding.Equipment (or its transmit antenna) that is installed  outdoors is subject to licensing.
Industry Canada Statement
Copyright © 2005 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, NetScreen, NetScreen Technologies, GigaScreen, and the NetScree n logo
are registered trademarks of Juniper Networks, Inc. NetScreen-5GT, NetScreen-5XP, NetScreen-5XT, NetScreen-25, NetScreen-50, NetScreen-100, NetScreen-204, NetScreen-208, NetScreen-500, NetScreen-5200, NetScreen-5400, NetScreen-Global PRO, NetScreen-Global PRO Express, NetScreen-Remote Security Client, NetScreen-Remote VPN Client, NetScreen-IDP 10, NetScreen-IDP 100, NetScreen-IDP 500, GigaScreen ASIC, GigaScreen-II ASIC, and NetScreen ScreenOS are trademarks of Juniper Networks, Inc. All other trademarks and registered trademarks are the property of their respective companies.
Information in this document is subject to change without notice. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any
purpose, without receiving written permission from: Juniper Networks, Inc.
ATTN: General Counsel 1194 N. Mathilda Ave. Sunnyvale, CA 94089-1206
FCC Statement
The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. The equipment generates, uses, and can radiate radio-frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case users w ill be required to correct the interference at their own expense.
The following information is for FCC compliance of Class B devices: The equipment described in this manual generates and may radiate radio-frequency energy. If it is not installed in accordance with NetScreen’s installation instructions, it may cause interference with radio and television reception. This equipmen t has been tes ted and fo und to comply with the limits for a Class B digital device in accordance with the specifications in part 15 of the FCC rules. These specifications are designed to provide reasonable protection against such interference in a residential installation. However, there is no guarantee that interference will not occur in a particular installation.
If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:
Reorient or relocate the receiving antenna.
Increase the separation between the equipment and receiver.
Consult the dealer or an experienced radio/TV technician for help.
Connect the equipment to an outlet on a circuit different from that to which the receiver is connected.
Caution: Changes or modifications to this product could void the user's warranty and authority to operate this device.
Disclaimer
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR JUNIPER NETWORKS REPRESENTATIVE FOR A COPY.

Contents

Preface........................................................................................3
Organization ...............................................................................................3
WebUI Conventions ................................................................ .................... 4
CLI Conventions ..................................... ................................. .................... 4
NetScreen Publications ...............................................................................5
Chapter 1 Connecting the Device.........................................................................7
Connecting the NetScreen Device to Your Networks ................................. 7
Connecting the Device to an Untrusted Network............................................ 7
Connecting the ADSL Port ...........................................................................7
Connecting the Untrusted Port ....................................................................9
Connecting the Device to Your Internal Network or Workstations.................... 9
Connecting Trusted Ethernet Ports ..............................................................9
Using the Wireless Interface ........................................................................9
Connecting the Power ..............................................................................10
Rack Mounting (Optional) ...................................................... .................. 10
Chapter 2 Configuring the Device.......................................................................13
Accessing the Device ............................................................................... 13
Using the WebUI............................................................................................. 13
Using Telnet ................................................................................................... 14
Using a Console Connection......................................................................... 15
Required Configuration .............................. .................................. ............ 15
Changing the Admin Name and Password................................................... 16
Setting the Date and Time............................................................................. 16
Wireless Configuration .............................................................................. 17
Configuring the Wireless Network.................................................................. 18
ADSL Configuration ................................................ ... ................................19
Configuring the ADSL Interface ..................................................................... 20
Adding Virtual Circuits to an ADSL Interface.................................................. 20
VPI/VCI and Multiplexing Method.................................................................. 21
PPPoE or PPPoA.............................................................................................. 22
Annex B Mode............................................................................................... 22
Static IP Address and Netmask...................................................................... 23
Optional Configuration ............................................................................. 24
Restricting Management............................................................................... 25
Configuring Additional Policies...................................................................... 25
Operational Mode ........................................................................................ 25
Changing the Port Mode............................................................................... 26
Configuring a Backup Untrust Zone Interface................................................ 28
NetScreen-5GT Wireless 1
Contents
Changing the Trust Interface Address ........................................................... 29
Verifying External Connectivity ..................................................................29
Resetting the Device to Factory Defaults .................................................. 29
Using the Reset Pinhole.................................................................................. 30
Chapter 3 Hardware Descriptions.........................................................................31
Port and Power Connectors ......................................................................31
Status LEDs ................................................................................. ...............32
Main Status LEDs for the Device..................................................................... 33
Port Status LEDs.............................................................................................. 33
Specifications .................................................................................................... A-35
2 User’s Guide

Preface

The Juniper Networks NetScreen-5GT Wireless device provides IPSec VPN and firewall services for a branch office or a retail outlet that uses an integrated wireless 802.11b/g interface. The NetScreen-5GT Wireless device uses the same firewall, VPN, Antivirus, Deep Inspection, and traffic management technology as NetScreen’s high-end central site products.
Juniper Networks offers three models of the NetScreen-5GT Wireless device:
The Wireless only model.
The Wireless with Annex A model supports ADSL over standard telephone lines
(POTS).
The Wireless with Annex B model supports ADSL over Integrated Services Digital Network (ISDN).
All models support up to four virtual Access Points (APs). Both ADSL models support ANSI TI.413 Issue 2, ITU G.992.1 (G.dmt), and ITU 992.2 (G.lite) standards.
Each model supports three versions of the device:
The 10-user version supports up to 10 users.
The Plus version supports an unrestricted number of users.
The Extended version provides the same capabilities as the Plus version, with
additional features: High Availability (NSRP Lite), the DMZ security zone, and additional sessions and tunnel capacity.

ORGANIZATION

This manual has three chapters and one appendix.
Chapter 1, “Connecting the Device” describes how to connect the device to your network,
connect the power, connect an antenna, and install the NetScreen-5GT Wireless device in a rack.
Chapter 2, “Configuring the Device” describes the default settings and operation of the
NetScreen-5GT Wireless (ADSL) and the configuration required to use the device.
Chapter 3, “Hardware Descriptions” provides an overview of the NetScreen-5GT Wireless
ports, LEDs, and power requirements.
Appendix A, “Specifications” provides a list of physical specifications about the
NetScreen-5GT Wireless device.
NetScreen-5GT Wireless 3
Preface

WEBUI CONVENTIONS

Throughout this book, a chevron ( > ) is used to indicate navigation through the WebUI by selecting menu options and links.
Example: Objects > Addresses > List > New
To access the new address configuration dialog box:
1. Click Objects in the menu column. The Objects menu option expands to reveal a subset of options for Objects.
2. (Applet menu1) Hover the mouse over Addresses. (DHTML menu) Click Addresses. The Addresses option expands to reveal a subset of options for Addresses.
3. Click List. The address book table appears.
4. Click the New link in the upper right corner. The new address configuration dialog box appears.

CLI CONVENTIONS

The following conventions are used when presenting the syntax of a command line interface (CLI) command:
Anything inside square brackets [ ] is optional.
Anything inside braces { } is required.
If there is more than one choice, each choice is separated by a pipe ( | ). For
example,
set interface { ethernet1 | ethernet2 | ethernet3 } manage
means “set the management options for the ethernet1, ethernet2, or ethernet3 interface”.
Variables appear in italic. For example:
set admin user name1 password xyz
1. You can choose either the applet or DHTML menu types by clicking the Toggle Menu option at the bottom of the menu column.
4 User’s Guide
When a CLI command appears within the context of a sentence, it is in bold (except for variables, which are always in italic). For example: “Use the get system command to display the serial number of a NetScreen device.”
Note: When typing a keyword, you only have to type enough letters to identify the word uniquely. For example, typing set adm u joe j12fmt54 is enough to enter the command
set admin user joe j12fmt54. Although you can use this shortcut when entering
commands, all the commands documented here are presented in their entirety.
NETSCREEN PUBLICATIONS
To obtain technical documentation for any Juniper Networks NetScreen product, visit
www.juniper.net/techpubs/
For technical support, open a support case using the Case Manager link at http://
www.juniper.net/support/ or call 1-888-314-JTAC (within the United States) or 1-408-745-
9500 (outside the United States). If you find any errors or omissions in the following content, please contact us at the e-mail
address below:
.

NetScreen Publications

techpubs-comments@juniper.net
NetScreen-5GT Wireless 5
Preface
6 User’s Guide
Chapter 1
1

Connecting the Device

This chapter describes how to connect the NetScreen-5GT Wireless device to the network, connect the power, and connect an antenna. If you are using the optional NetScreen-5GT Wireless rack mount kit, then use the rack mounting instructions that are included at the end of this chapter.
Note: For safety warnings and instructions, refer to the NetScreen Safety Guide. The instructions in this guide warn you about situations that could cause bodily injury. Before working on any equipment, be aware of the hazards involved with electrical circuitry and be familiar with standard practices for preventing accidents.

CONNECTING THE NETSCREEN DEVICE TO YOUR NETWORKS

The NetScreen device provides firewall and general security for your networks when it is placed between your internal networks and the Untrusted network. This section describes the physical connections.

Connecting the Device to an Untrusted Network

Depending upon which model of the NetScreen-5GT Wireless device you have, you can connect to the Untrusted network in one of the following ways:
Through an ADSL connection from the ADSL port on the NetScreen device.
Through an Ethernet connection from the Untrusted port on the NetScreen
device.
Connecting the ADSL Port
Connect the provided ADSL cable from the ADSL port on the NetScreen-5GT Wireless ADSL device to your telephone outlet. The ADSL port on the Annex A version of the device uses an RJ-11 connector, while the Annex B version uses an RJ-45 connector. In the case of Annex B models, the cable you connect fr om the ADSL port to the telephone outlet is identical in appearance and wiring to a straight-through 10 Base-T Ethernet cable.
Warning: Make sure that you do not inadvertently connect the Console, Modem, or
Ethernet ports on the NetScreen device to the telephone outlet.
NetScreen-5GT Wireless 7
Chapter 1 Connecting the Device
The ADSL line is your primary connection to an outside network. For a backup data link to an outside network, you can either connect an Ethernet cable from the Untrusted port on the NetScreen-5GT Wireless ADSL device to an external router, DSL modem, or cable modem, or connect a serial cable from the Modem port on the device to an external modem.
Warning: You cannot connect both the Untrusted port and the Modem port on the device
to an outside network at the same time.
Connecting Splitters and Microfilters
A signal splitter divides the telephone signal into low-frequency voice signals for voice calls and high-frequency data signals for data traffic. Your service provider usually installs the splitter as part of the equipment that connects your site’s telephone lines to the provider’s network.
There are also splitters that you may be able to install yourself, depending upon your service provider equipment. If you are installing such a splitter yourself, then connect the ADSL cable from the NetScreen device and the telephone line to the appropriate connectors (for example, “data” or “voice”) on the splitter. You connect the other end of the splitter to the telephone outlet.
You may need to install a microfilter on each telephone, fax machine, answering machine, or analog modem that connects to the ADSL line. The microfilter filters out high­frequency noise on the telephone line. You install the microfilter on the telephone line between the telephone, fax machine, answering machine, or analog modem and the voice connector on the splitter.
The following shows an example of a microfilter and a splitter that you install on your site. (You must obtain the appropriate microfilters or splitters from your service provider.)
Telephone Outlet
Splitter
ADSL Cable
Microfilter
8 User’s Guide
Connecting the NetScreen Device to Your Networks
Connecting the Untrusted Port
You can establish an internet connection to an external router, DSL modem, or cable modem, and provide firewall and general security for your network. To establish a high­speed connection, connect the provided Ethernet cable from the Untrusted interface on the NetScreen-5GT Wireless device to the external router or modem. The NetScreen-5GT Wireless device autosenses the correct speed, duplex, and polarity settings.
If you are using the NetScreen-5GT Wireless ADSL device, then refer to sections
“Connecting the ADSL Port” on page 7 and “Connecting Splitters and Microfilters” on page 8 for ADSL connection instructions.

Connecting the Device to Your Internal Network or Workstations

You can connect your LAN or workstation using one or both of the following ways:
Connecting through one or more of the Trusted Ethernet ports on the NetScreen device.
Using a wireless interface on the NetScreen device.
Connecting Trusted Ethernet Ports
The NetScreen-5GT Wireless device contains four Trusted Ethernet ports. You can use one or more of these ports to connect to LANs via switches or hubs. You can also connect one or all of the ports directly to workstations, eliminating the need for a hub or switch. You can use either cross-over or straight-through cables to connect the Ethernet ports to other devices.
Using the Wireless Interface
If you are using the wireless interface, you need to connect the provided antennae on the device. If you have the standard 2dB omnidirectional antennae, then screw them onto the posts marked A and B at the back of the device. Antenna A is located next to the power cord connection. Bend the antennae at their elbows, making sure not to put pressure on the bulkhead connector.
If you are using the optional high-gain antenna, then follow the antenna’s connection instructions.
NetScreen-5GT Wireless 9
Chapter 1 Connecting the Device

CONNECTING THE POWER

To connect the power to the NetScreen-5GT Wireless device:
1. Plug the DC connector end of the power cable into the DC power receptacle on the back of the device.
2. Plug the AC adapter end of the power cable into an AC power source.
Warning: NetScreen recommends using a surge protector for the power connection.

RACK MOUNTING (OPTIONAL)

With a NetScreen-5GT Wireless rack-mount kit, you can mount one or two NetScreen­5GT Wireless devices in a standard 19-inch equipment rack. The NetScreen-5GT Wireless rack-mount kit includes installation instructions and a rack-mounting tray. The dimensions of the tray are as follows:
Width: 48.26 cm. 19 in. Height: 4.013 cm. 1-5/8 in. (1 rack unit) Depth: 33.655 cm. 13-1/4 in.
In addition to the NetScreen-5GT Wireless device(s), rack-mount kit, and equipment rack, you also need the following:
Phillips-head screwdriver
Four screws that match the thread size of the equipment rack
To mount the device in a rack:
1. Use the Phillips-head screwdriver to remove the two screws from the underside of each NetScreen-5GT Wireless device that you intend to mount. The screws are located on the underside of the NetScreen-5GT Wireless near the front panel. (Keep the screws for use in the next step.)
2. Insert the NetScreen-5GT Wireless devices on the rack-mount tray and screw them to the tray with the screws that you removed in step 1.
10 User’s Guide
Loading...
+ 28 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use