Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Performing Initial Software Configuration on the SRX220 Services Gateway Using the Setup Wizard

 

This topic describes how to perform the initial software configuration of your services gateway using the new setup wizard available in Junos OS Release 12.1X44-D10 or later.

This topic includes the following sections:

About the Setup Wizard

The setup wizard guides you through the step-by-step configuration of a services gateway that can securely pass traffic. To help guide you through the process, the wizard:

  • Provides recommended settings based on your previous selections. For example, the wizard recommends security policies based on the security topology you have defined.

  • Determines which configuration tasks to present to you based on your selections.

  • Flags any missing required configuration when you attempt to leave a page.

  • Indicates which configuration elements or tasks are unavailable to you based on your previous selections by graying them out.

You can choose one of the following setup modes to configure the services gateway:

  • Default Setup mode—This mode allows you to quickly set up a services gateway in a default security configuration. In this mode, you can configure basic system settings, such as the administrator password, and download purchased licenses. Any additional configuration can be carried out after completing the wizard setup.

  • Guided Setup mode—This mode allows you to set up a services gateway in a custom security configuration.

Note

It is mandatory to configure only the device name and root password. You can skip all the other steps by clicking Next to go directly to the Confirm & Apply page to apply the configuration.

About the Default Setup Mode

If you choose the Default Setup mode, the wizard takes you through the minimal configuration needed to set up the services gateway that can securely pass traffic in the default configuration. The resulting configuration is similar to the factory-default configuration described in SRX220 Services Gateway Software Configuration Overview, except that the untrust and trust zones are renamed the Internet and Internal zones, respectively.

In the Default Setup mode, you configure:

  • Device name

  • Password for the root account

  • Time information for the services gateway location:

    • Local time zone

    • Name or IP address of a Network Time Protocol (NTP) server, if NTP is used to set the time on the services gateway

    • Local date and time if an NTP server is not used to set the time

You cannot do additional configuration in the Default Setup mode. You must commit your changes and exit the wizard to perform any additional configuration. You can perform additional configuration by rerunning the wizard in the Guided Setup mode, by using the J-Web interface, or by using the CLI.

See the SRX220 Services Gateway Quick Start for step-by-step instructions on how to configure your services gateway in the Default Setup mode.

About the Guided Setup Mode

If you choose the Guided Setup mode, the wizard guides you through configuring your services gateway in a custom security configuration. You can choose between the Basic and Expert levels based on your experience level. The following table compares the Basic and Expert levels.

Basic

Expert

Can configure only three internal zones

Can configure more than three internal zones

Can configure static and dynamic IP for the Internet zone

Can configure static IP, static pool, and dynamic IP for the Internet zone

Cannot configure internal zone service

Can configure internal zone service

Cannot configure internal destination NAT

Can configure internal destination NAT

Configurations you can perform with the setup wizard include:

  • Configuring basic options such as device name, root password, and system time

  • Configuring the security topology

  • Defining security zones and specifying which interfaces are in each zone

  • Configuring a DHCP server in a zone

  • Defining security policies and Network Address Translation (NAT) rules

  • Configuring remote access

Note

Before applying the configuration changes to the services gateway, check the connectivity to the services gateway. You might lose connectivity if you have changed the management zone IP. Click the URL for reconnection instructions for information on how to reconnect to the device.

Running the Setup Wizard

To run the setup wizard:

  1. Connect a laptop or desktop computer to any of ports 0/1 through 0/7 as described in Connecting to the SRX220 Services Gateway Setup Wizard.
  2. Open a Web browser on your laptop or desktop. Note

    The wizard works best with Mozilla Firefox version 15.x or later. The minimum screen resolution is 800 by 600 pixels.

  3. Enter the URL: http://192.168.1.1.

    When the Welcome page for the setup wizard appears, choose the setup mode you want to use to configure the services gateway.

After you finish configuring the services gateway with the setup wizard and commit your configuration, you are redirected to the J-Web interface. Thereafter, whenever you connect to the services gateway, you are placed in the J-Web interface. You can access the setup wizard from the J-Web interface and use it to reconfigure your services gateway. To do so, select Tasks > Run Setup Wizard. You can either edit an existing configuration or create a new configuration.

Note

If you elect to create a new configuration, then all the current configuration in the services gateway will be deleted.