Example: Configuring NetScreen5GT Devices to Connect to the Web Using the PPPoA and ADSL Interfaces (NSM Procedure)

In this example, you configure a NetScreen-5GT ADSL security device to connect to the Internet using PPPoA and the ADSL interface. The device acts as both a PPPoA client and a DHCP server:

• As a PPPoA client, the device receives the IP address for the ADSL interface. However, the device also receives one or more IP addresses for DNS servers.
• As a DHCP server, the device provides hosts in the Trust zone with their IP addresses and the IP addresses of the DNS servers.

1. Add the NetScreen-5GT ADSL security device.
   • For device name, enter ADSL PPPoA.
   • Select Model Device.
   • For device platform, select ns5GTadsl-Trust-Untrust.
2. Configure the ADSL Interface. In the device navigation tree, select Network > Interface. Right-click the ADSL1 interface and select the Edit icon. Configure the General Properties tab following options:
   • For VPI, enter 0; for VCI, enter 35.
   • For Multiplexing Mode, select LLC/SNAP Encapsulation.
   • Ensure that Manageable is enabled and that the Management IP is 0.0.0.0.
   • Ensure that the zone is Untrust and the Mode is Route.
3. Leave all other defaults and click OK to save your changes to the interface.
4. Configure the Trust interface:
   • Double-click the device icon to open the device configuration. In the device navigation tree, select Network > Interfaces.
   • Right-click ethernet1 and select the Edit icon. The General Properties screen appears. Configure the interface to use an IP address and netmask of 192.168.1.1/24. For Interface Mode, select NAT.
   • In the interface navigation tree, select DHCP. For DHCP Mode, select DHCP Server.
5. Select the DHCP Server IP Pools tab, and then configure the following:
   • For starting IP, enter 192.168.1.3.
   • For Value, select End IP.
   • For ending IP, enter 192.168.1.33.
6. Click OK to add the new IP pool, and then click OK again to save your changes to the Trust interface.
7. Configure the PPPoA instance:
   • In the device navigation tree, select Network > PPPoA. Right-click the Trust interface and select the Edit icon.
8. Click the Add icon to create a PPPoA instance, and then configure the following options:
   • For PPPoA Instance, enter poa1.
   • For Interface, select the adsl1 interface.
   • For Username, enter Alex.
   • For Password, enter tSOCbme4NW5iYPshGxCy67Ww48ngtHC0Bw==
   • Select Update DHCP Server.
9. Leave all other defaults and click OK to save the PPPoA instance, and then click OK to save the device configuration.

After you have updated the device with the modeled configuration, the device administrator can activate PPPoA on the local network.

• First, the device administrator powers down the NetScreen-5GT ADSL security device and all workstations in the Trust zone, and then powers on just the device. The device makes a PPPoA connection to the DSLAM, and obtains the IP address for the ADSL interface and the IP addresses for the DNS servers.
• Finally, the device administrator powers on the workstations to activate DHCP; the workstations automatically receive the IP address for the DNS server and obtain an IP address for themselves when they attempt a TCP/IP connection.

Related Documentation

• Example: Configuring NetScreen5GT Devices as a Firewall Using the PPPoE and ADSL Interfaces (NSM Procedure)
• Wireless Interface on ScreenOS Devices Overview
• Configuring DSCP Options Overview