Juniper SSG5 VPN Configuration Guide

Updated: 2023-12-05 22:16:01


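SSG5 Firewall Configuration Manual

1 Log in

Administrator Login Name: netscreen
Password: netscreen

2 Configure the external IP

Network > Interfaces > List > Ethernet 0/0 > Edit
Static IP
IP: *.*.*.* (the IP used to reach the server from the external network)
Select: Web UI, Ping (OK)

3 Configure the internal IP

bgroup0 > Edit
Static IP
IP: *.*.*.* (the internal IP)
Select: Web UI and all the other options (OK)

4 Configure policies

Policy > Policies

Select: From: Trust, To: Untrust (New)
Source Address > Address Book Entry: Any
Destination Address > Address Book Entry: Any
Service: Any (all services) (OK)
* This is the internal-to-external policy.

Select: From: Untrust, To: Trust (New)
Source Address > Address Book Entry: Any
Destination Address > Address Book Entry: *.*.*.*
(OK)
* This is the external-to-internal policy.

5 Add a route

Network > Routing
IP: 0.0.0.0/0
Next Hop: Gateway
Interface: Ethernet 0/0
Gateway IP Address: *.*.*.* (the gateway)

6 Add ports

Policy > Policy Elements > Services > select Predefined (view), Custom (define a port) or Groups (define a port group)

The ports are as in the following table:

                         TCP      UDP
Source port       Low    0        0
                  High   65535    65535
Destination port  Low    39       39
                  High   39       39

VPN user setup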

Policy > Policy Elements > Addresses > List (New)
Address Name: Server
IP Address/Netmask: *.*.*.* 5/24
Zone: Untrust (external), Trust (internal)

1 Create the address pool

Objects > IP Pools
IP Pool Name: VPN
Start IP: 192.168.2.1
End IP: 192.168.2.100

2 Create the VPN user

Objects > Users > Local (New)
Name: a
User Password: ****
Confirm Password: ****
Select: Enable, L2TP User
IP Pool: VPN

3 Create the group

Local Groups > (New)

4 Set up the tunnel protocol

VPNs > L2TP > Default Settings
IP Pool Name: VPN
PPP Authentication: CHAP
DNS Primary Server IP: *.*.*.* (the gateway)

VPNs > L2TP > Tunnel > (New)
Name: VPN
Select: Use Custom Settings
Authentication Server: Local
Query Remote Settings
Dialup Group: Local Dialup Group - VPN group (the group)
Dialup User (the user)
Outgoing Interface: Ethernet 0/0
IP Pool Name: VPN
DNS Server IP: *.*.*.*

5 Policy settings

Policy Elements > Addresses > List

6 Adjust the policy

Policy > Policies > From: Untrust, To: Trust (New)
Name (optional): leave blank for the default
Source Address > Address Book Entry: Dial-Up VPN
Destination Address > Address Book Entry: server
Service: Any (all services)
Application: None
Action: Tunnel
Tunnel VPN: None
L2TP: VPN
Select: Logging, Position at (OK)
* This is the external-to-internal policy (leave internal-network access unchanged).

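7 Install the VPN client

A Create a new connection > Connect to a VPN > Virtual Private Network > Name > Do not dial the initial connection > IP: *.*.*.* (the firewall address)

B Select Properties > Security > Advanced > Settings
Select: Require encryption
Allow these protocols: Challenge Handshake Authentication Protocol (CHAP), Microsoft CHAP, Microsoft CHAP version

C Networking
VPN type: L2TP, IPsec, VPN (select all protocols)

D Import the registry file
(HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Parameters), as follows:

Open "Run" and enter "regedit" to open the Registry Editor.

In the Registry Editor, locate the following key:

"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Parameters", and create a new DWORD value in the right-hand pane.

Rename this DWORD value to "ProhibitIpSec".

Set its value to "1".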
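A read-only audit of the client state that step D produces, added here as an example and not part of the original manual: with ProhibitIpSec set to 1, Windows does not create its automatic IPsec policy for L2TP connections, so unless a separate IPsec policy is configured the tunnel has only PPP-level protection. It assumes Windows 8 or later (for the built-in Get-VpnConnection cmdlet); the function and variable names are illustrative.

```powershell
# Added example: reports the ProhibitIpSec value and any L2TP-capable VPN
# profiles on this host. Reads only; changes nothing.
$RasManKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Parameters'

function Get-ProhibitIpSecState {
    # Returns the DWORD as an int, or $null when the value is absent (the default).
    $item = Get-ItemProperty -Path $RasManKey -Name 'ProhibitIpSec' -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return [int]$item.ProhibitIpSec
}

function Get-L2tpProfile {
    # Gather per-user and all-user VPN profiles that can negotiate L2TP.
    $all = @(Get-VpnConnection -ErrorAction SilentlyContinue) +
           @(Get-VpnConnection -AllUserConnection -ErrorAction SilentlyContinue)
    foreach ($p in $all) {
        if ("$($p.TunnelType)" -notin 'L2tp', 'Automatic') { continue }
        [pscustomobject]@{
            Name            = $p.Name
            Server          = $p.ServerAddress
            TunnelType      = "$($p.TunnelType)"
            Authentication  = ($p.AuthenticationMethod -join ',')
            EncryptionLevel = "$($p.EncryptionLevel)"
            L2tpIPsecAuth   = "$($p.L2tpIPsecAuth)"
        }
    }
}

$state = Get-ProhibitIpSecState
$l2tp  = @(Get-L2tpProfile)

if ($state -eq 1) {
    Write-Warning 'ProhibitIpSec = 1: the automatic IPsec policy for L2TP is disabled on this host.'
} elseif ($null -eq $state) {
    Write-Output 'ProhibitIpSec is not set: Windows applies its automatic IPsec policy to L2TP.'
} else {
    Write-Output "ProhibitIpSec = $($state): the automatic IPsec policy for L2TP is not disabled."
}

if ($l2tp.Count -eq 0) {
    Write-Output 'No L2TP-capable VPN profiles found.'
} else {
    $l2tp | Format-Table -AutoSize
    # Flag profiles that accept plain CHAP, as the client settings in step B do.
    $l2tp | Where-Object { $_.Authentication -match '\bChap\b' } |
        ForEach-Object { Write-Warning "Profile '$($_.Name)' allows plain CHAP." }
}
```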
