search

Juniper CX111 Manual Pagina 7

  • Descarga
  • Añadir a mis manuales
  • Imprimir
  • Pagina
    / 14
  • Tabla de contenidos
  • MARCADORES
    • Valorado. / 5. Basado en revisión del cliente
Vista de pagina 6
Copyright © 2010, Juniper Networks, Inc. 7
APPLICATION NOTE - Configuring the CX111 for J Series and Branch SRX Series Devices
Management Access
A VLAN-tagged logical interface can be used to provide access to the CX111’s management console. NAT can also be
used to facilitate access from any device behind the gateway, eliminating the need for complex routing (as all traffic to
the CX111’s management interface will be translated as if it originated from the management subnet).
Figure 3: Management access
192.168.1.0/24
Trust Zone
DHCP Client
Untrust Zone
192.168.0.1/24
Management
Zone
CX111
SRX210
ge-0/0/1
OFFICE
VLAN Management
VLAN Tag 3900
VLAN Data
No tagging used for data trac DHCP assigned
address (relayed from the 3G network)
/* The vlan.2 interface is the L3 interface of the data VLAN, connecting to the
Bridge */
set system services dhcp propagate-settings vlan.2
/* Interface ge-0/0/0 has 2 VLANS congured, data and management */
set interfaces ge-0/0/0 description “Connection to CX111”
set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode trunk
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members data
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members management
set interfaces ge-0/0/0 unit 0 family ethernet-switching native-vlan-id data
/* vlan.0 connects to the untrust network */
set interfaces vlan unit 0 family inet address 192.168.1.1/24
/* vlan.2 connects to the bridge (untagged) */
set interfaces vlan unit 2 family inet dhcp client-identier ascii SRX-GW
/* vlan.3900 connects to the bridge’s management subnet */
set interfaces vlan unit 3900 family inet address 192.168.0.2/24
/* VLANs */
set vlans data vlan-id 2
set vlans data l3-interface vlan.2
set vlans management vlan-id 3900
set vlans management l3-interface vlan.3900
set vlans vlan-trust vlan-id 3
set vlans vlan-trust l3-interface vlan.0
/* NAT rule for Internet access */
set security nat source rule-set trust-to-untrust from zone trust
set security nat source rule-set trust-to-untrust to zone untrust
set security nat source rule-set trust-to-untrust rule source-nat-rule match
Vista de pagina 6
1 2 3 4 5 6 7 8 9 10 11 12 13 14

Comentarios a estos manuales

Sin comentarios
  • Morrison QuickLabel Systems Devair Ledino BOLEX
  • JVC Televisores de proyección Denon Equipo de música complementario ACDelco Generadores De Poder Outdoor Gourmet Barbacoas Y Parrillas Realistic Las radios
  • Gigabyte GB-BXi5-4570R Presonus DigiMax FS Rival S16RB Electrolux ESF4661ROX Samsung DM40D
  • LG KM555 Manual de usuario Toshiba Camileo S20 Manual de usuario Samsung PN42A450P1D Manual de usuario Chicago-electric 66910 Manual de usuario Samsung S27D590CS Manual de usuario