Example: Configuring NetScreen5GT Devices as a Firewall Using the PPPoE and ADSL Interfaces (NSM Procedure)

In this example, you configure the NetScreen-5GT ADSL security device as a firewall with the primary Internet connection through the ADSL interface using PPPoE and a backup Internet connection through the serial modem port and dialup connection.

To configure a NetScreen-5GT device as a firewall using PPPoE ADSL interface:

  1. Add the NetScreen-5GT ADSL security device.
    • For device name, enter ADSL PPPoE.
    • Select Model Device.
    • For device platform, select ns5GTadsl-Home-Work.
  2. Configure the ADSL Interface. In the device navigation tree, select Network > Interface. Right-click the ADSL1 interface and select the Edit icon. Configure the General Properties tab:
    • For VPI, enter 0; for VCI, enter 35.

      For Multiplexing Mode, select LLC/SNAP Encapsulation.

      Ensure that the zone is Untrust and the Mode is Route.

  3. Leave all other defaults and click OK to save your changes to the ADSL interface.
  4. Configure the Work interface:
    • Double-click the device icon to open the device configuration. In the device navigation tree, select Network > Interfaces.
    • Right-click ethernet1 and select the Edit icon. The General Properties screen appears. Configure the interface to use an IP address and netmask of 192.168.1.1/24. For Interface Mode, select NAT.
  5. In the interface navigation tree, select DHCP. For DHCP Mode, select DHCP Server.
  6. Select the DHCP Server IP Pools tab, and then configure the following options:
    • For starting IP, enter 192.168.1.3.
    • For Value, select End IP.
    • For ending IP, enter 192.168.1.33.
    • Click OK to add the new IP pool, and then click OK again to save your changes to the Work interface.
  7. Configure the Home interface:
    • Double-click the device icon to open the device configuration. In the device navigation tree, select Network > Interfaces.
    • Right-click ethernet2 and select the Edit icon. The General Properties screen appears. Configure the interface to use an IP address and netmask of 192.168.2.1/24. For Interface Mode, select NAT.
  8. In the interface navigation tree, select DHCP. For DHCP Mode, select DHCP Server.
  9. Select the DHCP Server IP Pools tab, and then configure a new DHCP IP Pool:
    • For starting IP, enter 192.168.2.2.
    • For Value, select End IP.
    • For ending IP, enter 192.168.2.5.
  10. Click OK to add the new IP pool, then click OK again to save your changes to the Home interface.
  11. Configure the PPPoE instance:
    • In the device navigation tree, select Network > PPPoE. Right-click the Trust interface and select the Edit icon.
  12. Click the Add icon to create a PPPoE instance:
    • For PPPoE Instance, enter poe1.
    • For Interface, select the adsl1 interface.
    • For Username, enter Alex.
    • For Password, enter tSOCbme4NW5iYPshGxCy67Ww48ngtHC0Bw==
    • Select Update DHCP Server.
  13. Leave all other defaults, and then click OK to save the PPPoE instance.
  14. Configure the backup interface (the serial interface on the modem port):
    • Double-click the device icon to open the device configuration. In the device navigation tree, select Network > Interfaces.
    • Right-click the serial interface and select the Edit icon. The General Properties screen appears.
    • For Zone, select Untrust.
  15. Configure the ISP settings for the serial interface:
    • In the device navigation tree, select Network > Dial > ISP.
  16. Create an ISP and configure the following:
    • For ISP Name, enter isp1.
    • For Login Name, enter kgreen.
    • For Password, enter 98765432.
    • For Primary Number, enter 4085551111.
    • For Alternative Number, enter 408555222.
    • Ensure that the Priority is 1.
  17. Click OK to save the new ISP.
  18. Configure the Modem settings for the serial interface:
    • In the device navigation tree, select Network > Dial > Modem.
  19. Select the Modem tab and configure the following options:
    • For Modem Name, enter mod1.
    • For Init String, enter AT&FS7=255S32=6
    • Select Is Active.
  20. Click OK to save the new modem settings, and then click OK again to save your changes to the device configuration.

Note: The ISP and Modem settings automatically apply to the serial interface; you do not need to manually assign them to the Modem port.

Related Documentation

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.