Filter
Top Products
Chapter 3 Configuring the Device
32 User’s Guide
3. To set the IP address and subnet mask:
set interface ethernet3/8 ip ip_addr/mask
where ip_addr is the IP address and mask is the subnet mask. For example, to
set the IP address and subnet mask of the ethernet3/8 interface to
10.250.2.1/16:
set interface ethernet3/8 ip 10.250.2.1/16
4. (Optional) To confirm the new interface settings:
get interface ethernet3/8
Setting the IP Address for the Untrust Zone Interface
The NetScreen-ISG 2000 usually communicates with external (untrusted) devices
through an interface bound to the Untrust zone. To allow an interface to communicate
with external devices, you must assign it a public IP address.
To set up the ethernet1/1 interface to communicate with external devices:
1. Choose an unused public IP address and subnet mask.
2. To bind the ethernet1/1 interface to the Untrust zone:
set interface ethernet1/1 zone untrust
3. To set the IP address and subnet mask:
set interface ethernet1/1 ip ip_addr/mask
where ip_addr is the IP address and mask is the subnet mask. For example, to
set the IP address and subnet mask of the ethernet1/1 interface to
172.16.20.1/16:
set interface ethernet1/1 ip 172.16.20.1/16
4. (Optional) To confirm the new interface settings:
get interface ethernet1/1
Allowing Outbound Traffic
By default, the NetScreen-ISG 2000 does not allow inbound or outbound traffic, nor does
it allow traffic to or from the DMZ. To permit (or deny) traffic, you must create access
policies.