Srx650 Quick Start
Srx650 Quick Start
Srx650 Quick Start
Use the instructions in this quick start to help you connect the SRX650 Services Gateway to your network. For details, see the SRX650 Services Gateway Hardware Guide at www.juniper.net/techpubs/hardware/junos-srx/srx650/index.html. For translated documentation, see the URL below: Arabic German
DC OK AC OK
SRE 6
OFFLINE
USB 1
10
11
Callout 7 8 9 10 11
Description SRE LEDs AUX port Console port External CompactFlash slot 2 USB ports
Power supply slots Multi-use processing slot Services and Routing (SRE) slot 0 (shown with SRE model installed) Fan tray Air filter (behind fan tray) Reset Config button
Use the instructions below to connect and set up the SRX650 Services Gateway to protect your network. Refer to the LEDs on the front and back panels of the device to help you determine the status of the device.
10 11
12
Part 1: Overview
The SRX650 Services Gateway is a security device that requires these basic configuration settings to function:
Callout Description 1 2 3 4 5 6 Mounting brackets ALARM LED FAN LED SRE/ACE LED 1.0 ESD outlet 10/100/1000 Ethernet ports
Callout 7 8 9 10 11 12
Description GPIM/XPIM slots POWER LED HA SYS LED SRE/ACE LED 0 (applies to SRE models only) SRE/ACE LED 1.1 Power button
Interfaces must be assigned IP addresses. Interfaces must be bound to zones. All interfaces must be configured as Layer 3 interfaces. Policies must be configured between zones to permit or deny traffic. Source NAT rules must be set.
g032703
Spanish
Factory-Default Settings:
Interface ge-0/0/0 ge-0/0/1 ge-0/0/2 ge-0/0/3 Security Zone untrust trust trust trust DHCP State client server server server IP Address dynamically assigned 192.168.1.1/24 192.168.2.1/24 192.168.3.1/24
Security Policies:
Source Zone trust Destination Zone untrust Policy Action permit
NAT Rule:
Source Zone trust Destination Zone untrust Policy Action
source NAT to untrust zone interface
POWER LEDs (solid green) on front and back panels: The device is receiving power. STATUS LED (solid green) on back panel: The device is operating normally. ALARM LED (amber) on front panel: The device is operating normally without a rescue configuration. This is not a panic condition.
NOTE: A solid red ALARM LED indicates a major problem exists on the services gateway. IMPORTANT: You must allow the services gateway between five and seven minutes to boot up after you have powered it on. Please wait until the STATUS LED is solid green before proceeding to Part 3.
Connect an Ethernet cable from the ge-0/0/1 port to the Ethernet port on the management device (workstation or laptop). We recommend this connection method. If you are using this method to connect, proceed with Part 4.
Connect an RJ-45 cable from the console port to the DB-9 adapter, which then connects to the serial port on the management device. (Serial port settings: 9600 8-N-1-N) If you are using this method to connect, proceed with the CLI configuration instructions available in the Branch SRX Series Services Gateways Golden Configurations at www.juniper.net/us/en/local/pdf/app-notes/3500153-en.pdf.
Page 2
2. 3. 4. 5. 6.
Under the Interface column, click on the interface you want to configure. Under Add, click Logical Interface. Under IPv4 Address, click Add. In the IPv4 Address field, enter an IP address and a subnet mask. Click OK. The configured IP address is added to the interface.
For additional configuration information, see the Branch SRX Series Services Gateways Golden Configurations at www.juniper.net/us/en/local/pdf/app-notes/3500153-en.pdf. For detailed software configuration information, see the software documentation available at www.juniper.net/techpubs/software/junos-srx/index.html.
Juniper Networks, the Juniper Networks logo, JUNOS, NetScreen, ScreenOS, and Steel-Belted Radius are registered trademarks of Juniper Networks, Inc. in the United States and other countries. JUNOSe is a trademark of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785. Copyright 2010, Juniper Networks, Inc. All rights reserved. Printed in USA. Part Number: 530-032843 Rev. 01, February 2010.