Netscreen 25 Help [Archive] - SpeedGuide.net Broadband Community
PDA

View Full Version : Netscreen 25 Help

Adonis Latham
02-12-08, 11:59 AM
Hello,
I currently have a new Netscreen 25 firewall and I am having
trouble with incoming connections, I am replacing a pix firewall and
I currently have them set up in parallel since I can't get inbound
connections on the netscreen.

I have 2 policies set up for testing one from trust to untrust
allowing any traffic out and one inbound with the same just until I
can figure out why I am not getting inbound traffic, but I was
wondering if someone who is familiar with netscreen firewalls could
posibly help or tell me some things to check

thanks
Wolfgang Kueter
02-12-08, 02:56 PM
Adonis Latham wrote:

> Hello,
> I currently have a new Netscreen 25 firewall and I am having
> trouble with incoming connections, I am replacing a pix firewall and
> I currently have them set up in parallel since I can't get inbound
> connections on the netscreen.

> I have 2 policies set up for testing one from trust to untrust
> allowing any traffic out and one inbound with the same just until I
> can figure out why I am not getting inbound traffic, but I was
> wondering if someone who is familiar with netscreen firewalls could
> posibly help or tell me some things to check

I see in my crystal ball that you use a public, routable IP on the external
(WAN, untrusted) Interface and a private IP (non-routable, RfC 1918) on the
internal (LAN, trusted) interface. Correct? So you'll need NAT for the
traffic from LAN to WAN and NAT/Portforwarding from WAN to LAN.

I'd recommend RTFM

After about 2 minutes on the netscreen site I found:

http://kb.juniper.net/CUSTOMERSERVICE/index?page=kbdetail&record_id=0244022611e8310108012c3c1903a65

Wolfgang
Wolfgang Kueter
02-12-08, 03:04 PM
Wolfgang Kueter wrote:


> After about 2 minutes on the netscreen site I found:
>
>
http://kb.juniper.net/CUSTOMERSERVICE/index?page=kbdetail&record_id=0244022611e8310108012c3c1903a65

and about a minute later I found:

http://www.juniper.net/techpubs/software/screenos/

Which gives an access to the documentaion of all versionof ScreenOS

Address translation is described in Chapter 8 of the manual:

ScreenOS 5.4
http://www.juniper.net/techpubs/software/screenos/screenos5.4.0/CE_v8.pdf

ScreenOS 6.0
http://www.juniper.net/techpubs/software/screenos/screenos6.0.0/CE_v8.pdf

ScreenOS 6.1
http://www.juniper.net/techpubs/software/screenos/screenos6.1.0/ce_v8.pdf

So may I kndly ask to read those documents and if you still have a problem
please describe your setup and what you tried in detail reffering to the
documentaion.

Wolfgang