Solved

Juniper Networks SSG 5- Configuration

Posted on 2008-10-22
11
1,979 Views
Last Modified: 2012-08-13
I have inherited a Juniper Networks SSG 5 firewall at my new work. I need to allow access through ports 3389, 5800 and 5900 and also allow SSH enabled on port 5900 so that PortWise will work when I am connecting to a remote server.

Could someone give me instructions on how to do this.

I have access to the GUI through a browser.

Many thanks

John.
0
Comment
Question by:borgqjeanluc
  • 4
  • 2
11 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 22774256
http://www.rsivanandan.com/?p=108

Read this and see if this helps.

Post back with further clarifications if needed.

Cheers,
Rajesh
0
 

Author Comment

by:borgqjeanluc
ID: 22774393
Thanks for this Rajesh. It was useful but I just want to open these ports using the Web interface. Would I just need to create a entry in the Objects/Services/Custom page or somewhere else.

Sorry my knowladge of Firewalls is pretty limited so I kinds need the "idiots" guide to doing this.

Help is appreciated.

Regards

John.
0
 
LVL 3

Accepted Solution

by:
calltms earned 125 total points
ID: 23004919
If you want to open the ports, you need to:

Create a custom Service Object for each port that you need, that doesn't already have a service.

Create a VIP for the service to point to the appropriate internal IP address.

Create a Policy saying that any (or defined) address from the outside can access the VIP::1 using whichever service (or multiple services).



All done!
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 32

Expert Comment

by:rsivanandan
ID: 23005490
Yes, you basically create the service and proceed. In which direction are we talking about? Outgoing or incoming?

Cheers,
Rajesh
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 23306603
Sirbounty,

  I had posted an answer, also have left a question open for the author.

Cheers,
Rajesh
0
 
LVL 3

Expert Comment

by:calltms
ID: 23306633
As have I.
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 23311926
modus_operandi,

  At least the objection could be explained instead of just closing down the question, this is the second one you're doing so!

--Rajesh
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now