[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

J-Web Configuration

  1. To configure zones:
    1. Select Configuration > View and Edit > Edit Configuration. The Configuration page appears.
    2. Next to Security, click Configure or Edit.
    3. Next to Zones, click Configure.
    4. Next to Security zones, click Add new entry.
    5. In the Name box, type external_subscriber.
    6. Next to Host inbound traffic, click Configure.
    7. Next to System services, click Add new entry.
    8. Next to Service name, select all and click OK.
    9. Next to Protocols, click Add new entry.
    10. Next to Protocol name box, select all and click OK.
    11. Next to Security zones, click Add new entry.
    12. In the Name box, type internal_ca.
    13. Next to Host inbound traffic, click Configure.
    14. Next to System services, click Add new entry.
    15. Next to Service name, select all and click OK.
    16. Next to Protocols, click Add new entry.
    17. Next to Protocol name box, select all and click OK.
    18. To save and commit the configuration, click Commit.
  2. To configure addresses:
    1. Select Configuration > View and Edit > Edit Configuration. The Configuration page appears.
    2. Next to Security, click Configure or Edit.
    3. Next to Zones, click Configure or Edit.
    4. Next to Security zone, click Add new entry.
    5. In the Name box, type internal_ca.
    6. Next to Address book, click Configure or Edit.
    7. Next to Address, click Add new entry.
    8. In the Address name box, type ca_agent1 10.1.1.101/32 and click OK.
    9. To configure another security zone external_subscriber, repeat Step b through Step e and click OK.
    10. Next to Address book, click Configure.
    11. Next to Address, click Add new entry.
    12. In the Address name box, type SubscriberSubNet 2.2.2.1/24 and click OK.
    13. To save and commit the configuration, click Commit.
  3. To configure interfaces:
    1. Select Configuration > View and Edit > Edit Configuration. The Configuration page appears.
    2. Next to Security, click Configure or Edit.
    3. Next to Zones, click Configure.
    4. Next to Security zone, click Add new entry.
    5. In the Name box, type internal_ca
    6. Next to Interfaces, click Add new entry.
    7. In the Interface unit box, type ge-0/0/01 and click OK.
    8. Next to Interfaces, click Configure or Edit.
    9. Next to Interface, click Add new entry.
    10. In the Interface name box, type ge-0/0/1.
    11. Next to unit, click Add new entry.
    12. In the Interface unit number box, type 0.
    13. Under Family, next to Inet, select the check box, and click Configure.
    14. Next to Address, click Add new entry.
    15. Next to Source, type 2.2.2.1/24 and click OK.
    16. To configure another security zone, external _subscriber, and interface, ge-0/0/0, Step a through Step g and click OK.
    17. To configure another interface, ge-0/0/0, repeat Step h to Step l.
    18. Under Family, next to Inet, select the check box and click OK.
    19. To save and commit the configuration, click Commit.
  4. To configure internal-to-external zone policies:
    1. Select Configuration > View and Edit > Edit Configuration. The Configuration page appears.
    2. Next to Security, click Configure or Edit.
    3. Next to Policies, select the check box and click Configure.
    4. Next to Policy, click Add new entry.
    5. In the From zone name box, type internal_ca.
    6. In the To zone name box, type external_subscriber.
    7. Next to Policy, click Add new entry.
    8. To specify the Policy name, next to Policy name box, type Pol-CA-To-Subscribers.
    9. Select the Match check box.
    10. Select the Then check box.
    11. Click Configure next to Match check box.
    12. From the Source address choice list, select Source address.
    13. Next to Source address, click Add new entry.
    14. From the Value keyword list, select Enter Specific Value.
    15. In the Address box, type ca-agent1 and click OK.
    16. From the Destination address choice list, select Destination address.
    17. Next to Destination address, click Add new entry.
    18. Next to Value keyword list, select Enter Specific Value.
    19. In the Address box, type SubscriberSubNet and click OK.
    20. From the Application choice list, select Application.
    21. Next to Application, click Add new entry.
    22. Next to Value keyword box, type junos-mgcp and click OK.
    23. Next to Then, click Configure.
    24. Next to Action, select permit and click OK.
    25. To save and commit the configuration, click Commit.

    To configure from zone, external_subscriber, and to zone, internal_ca, follow the sequence of steps below:

    1. Select Configuration > View and Edit > Edit Configuration. The Configuration page appears.
    2. Next to Security, click Configure or Edit.
    3. Next to Policies, select the check box and click Configure.
    4. Next to Policy, click Add new entry.
    5. In the From zone name box, type external_subscriber.
    6. In the To zone name box, type internal_ca.
    7. Next to Policy, click Add new entry.
    8. In the Policy name box, type Pol-Subscribers-To-CA.
    9. Select the Match check box.
    10. Select the Then check box.
    11. Next to Match check box, click Configure.
    12. From the Source address choice list, select Source address.
    13. Next to Source address, click Add new entry.
    14. From the Value keyword list, select Enter Specific Value.
    15. In the Address name box, type SubscriberSubnet and click OK.
    16. From the Destination address choice list, select Destination address.
    17. Next to Destination address, click Add new entry.
    18. Next to Value keyword list, select Enter Specific Value.
    19. In the Address name box, type call_agent1 and click OK.
    20. From the Application choice list, select Application.
    21. Next to Application, click Add new entry.
    22. Next to Value keyword box, type junos-mgcp and click OK.
    23. Next to Then, click Configure.
    24. Next to Action, select permit and click OK.
    25. To save and commit the configuration, click Commit.

    To configure from zone and to zone as internal_ca, follow the sequence of steps listed below:

    1. Select Configuration > View and Edit > Edit Configuration. The Configuration page appears.
    2. Next to Security, click Configure or Edit.
    3. Next to Policies, select the check box and click Configure.
    4. Next to Policy, click Add new entry.
    5. In the From zone name box, type internal_ca.
    6. In the To zone name box, type internal_ca.
    7. Next to Policy, click Add new entry.
    8. In the Policy name box, type Pol-Intra-CA.
    9. Select the Match check box.
    10. Select the Then check box.
    11. Next to Match check box, click Configure.
    12. From the Source address choice list, select Source address.
    13. Next to Source address, click Add new entry.
    14. From the Value keyword list, select any and click OK.
    15. From the Destination address choice list, select Destination address.
    16. Next to Destination address, click Add new entry.
    17. Next to Value keyword list, select any and click OK.
    18. From the Application choice list, select Application.
    19. Next to Application, click Add new entry.
    20. Next to Value keyword box, select any and click OK.
    21. Next to Then, click Configure.
    22. Next to Action, select permit.
    23. To save and commit the configuration, click Commit.

    To configure from zone and to zone as external_subscriber, follow the sequence of steps below:

    1. Select Configuration > View and Edit > Edit Configuration. The Configuration page appears.
    2. Next to Security, click Configure or Edit.
    3. Next to Policies, select the check box and click Configure.
    4. Next to Policy, click Add new entry.
    5. In the From zone name box, type external_subscriber.
    6. In the To zone name box, type external_subscriber.
    7. Next to Policy, click Add new entry.
    8. In the Policy name box, type Pol-Intra-subscriber.
    9. Select the Match check box.
    10. Select the Then check box.
    11. Next to Match check box, click Configure.
    12. From the Source address choice list, select Source address.
    13. Next to Source address, click Add new entry.
    14. From the Value keyword list, select any and click OK.
    15. From the Destination address choice list, select Destination address.
    16. Next to Destination address, click Add new entry.
    17. Next to Value keyword list, select any and click OK.
    18. From the Application choice list, select Application.
    19. Next to Application, click Add new entry.
    20. Next to Value keyword box, select any and click OK.
    21. Next to Then, click Configure.
    22. Next to Action, select permit.
    23. To save and commit the configuration, click Commit.
[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]