Solved

Configuring DMZ on SSG140 (Juniper Netscreen)

Posted on 2014-09-28
3
120 Views
Last Modified: 2016-01-04
Hello Experts,

I'm not that much professional in configuring Netscreen firewall, I was wondering if you could help me to do a very important configuration ... DMZ.

I'm familiar with Juniper ScreenOS, please provide steps using that not command line as possible.

I need to configure DMZ with subnet 192.168.30.0/24 while the corporate LAN is in subnet 192.168.10.0/24.

Appreciate your answers in details if possible... thank you guys in advance.

Ahmed
0
Comment
Question by:Mohamed Hammad
3 Comments
 
LVL 69

Accepted Solution

by:
Qlemo earned 500 total points
ID: 40348514
In general and short, the steps are:
Choose an interface and put it into the DMZ zone
Assign the IP for that interface. This also generates appropriate routing entries.
Create policies from and to DMZ as needed.
Each single step should be obvious in WebUI, there is no magic in it.
0
 

Author Comment

by:Mohamed Hammad
ID: 40351826
Thanks for your post,
It is the first time with DMZ using juniper firewalls ... that's it.
I just wondering about the detailed settings, I will go ahead with the basic settings  you've  mentioned and I will post you guys when needed in some terms in the details.
Thanks anyway Qlemo
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
New firewall implementation guidance 12 89
Good external ports and external device scanner 6 49
AWS Default Security Group Question 3 42
SSG50 Firewall Rules 17 28
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question