pcisiva
asked on
How to Configure Juniper ssg 20
Hi,
I'm new to Juniper SSG device, we have ssg 20.
I need to configure Wan IP & allow users in the Lan to browse internet, please let me know how can I do it.
I had configured wan IP on eth0/0 & Lan network as 192.168.3.1 .But I'm not able to get Internet
I'm new to Juniper SSG device, we have ssg 20.
I need to configure Wan IP & allow users in the Lan to browse internet, please let me know how can I do it.
I had configured wan IP on eth0/0 & Lan network as 192.168.3.1 .But I'm not able to get Internet
ASKER
I have a static Public IP. I think I can use the Lan network as 192.168.3.X.
Where can I create a trust to unstrust policy?
Where can I create a trust to unstrust policy?
Ok, that makes things clearer.
You will need to configure eth0/0 with the static IP and subnet mask provided by your ISP.
Then you will need to set the default route by going to
Network > routing > destination and clicking on 'new' to create a default route in the trust-vr with the gateway IP address provided by your ISP.
Finally, if you have configured the LAN with 192.168.3.1/24 network then you can go to the policy menu to create a trust to untrust policy.
http://kb.juniper.net is the best place to find step-by-step guides for all the settings i have described above. It saved me a lot of time when I was new to juniper and the guides are very well written for beginers.
You will need to configure eth0/0 with the static IP and subnet mask provided by your ISP.
Then you will need to set the default route by going to
Network > routing > destination and clicking on 'new' to create a default route in the trust-vr with the gateway IP address provided by your ISP.
Finally, if you have configured the LAN with 192.168.3.1/24 network then you can go to the policy menu to create a trust to untrust policy.
http://kb.juniper.net is the best place to find step-by-step guides for all the settings i have described above. It saved me a lot of time when I was new to juniper and the guides are very well written for beginers.
ASKER
Please find the attached, I see everything is configured as per your recommendations itself
ASKER
Att
Config.zip
Config.zip
Very close!
The DNS you set is only for the juniper self reference. It does not affect the computers connected to the network directly. For that you want to ssetup a DHCP range.
Network > DHCP: You can configure the DNS, range and other dhcp settings.
eth0, interfaces and polices are all correct.
In routing you are missing the default route to send traffic to the ISP. This is where the gateway they gave you comes in handy.
In the top right corner, click on 'New' for trust-vr and add the following:
IP Address/Netmask: 0.0.0.0/0
Next Hop: Gateway
Interface eth0/0
Gateway IP Address: Gateway provided by ISP
Description: default route
and that will complete the setup. Since you have a static IP the gateway must be manually set. If DHCP it would be assigned automatically
The DNS you set is only for the juniper self reference. It does not affect the computers connected to the network directly. For that you want to ssetup a DHCP range.
Network > DHCP: You can configure the DNS, range and other dhcp settings.
eth0, interfaces and polices are all correct.
In routing you are missing the default route to send traffic to the ISP. This is where the gateway they gave you comes in handy.
In the top right corner, click on 'New' for trust-vr and add the following:
IP Address/Netmask: 0.0.0.0/0
Next Hop: Gateway
Interface eth0/0
Gateway IP Address: Gateway provided by ISP
Description: default route
and that will complete the setup. Since you have a static IP the gateway must be manually set. If DHCP it would be assigned automatically
ASKER
Attaching the config...still no luck.
Wan cable is connected to eth0/0
Lan is on etho/4
Config-2.zip
Wan cable is connected to eth0/0
Lan is on etho/4
Config-2.zip
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Below is the error msg
error.png
error.png
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I know that this thread is very old however, I just joined today for the specific reason of trying to find a way to get our new Juniper SSG 20 to connect to the Internet after spending numerous hours without result and through the help of these comments we are now able to connect. Thank you!
Let us know if that helps.