Smart questions
Smart answers
Smart people
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Member Login
Remember Me
Forgot Password?
Join Us!

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips now!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
Join Tek-Tips
*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

LINK TO THIS FORUM!

Add Stickiness To Your Site By Linking To This Professionally Managed Technical Forum.
Just copy and paste the
code below into your site.

Tek-Tips LinkedIn® Group

Partner With Us!

"Best Of Breed" Forums Add Stickiness To Your Site
Partner Button
(Download This Button Today!)

Feedback

"...This site is truly a marvel. Without a doubt the most comprehensive, friendly and just plain useful resource of its kind..."
More...

Geography

Where in the world do Tek-Tips members come from?
Click Here To Find Out!

Tek-Tips Shirts!

Get Tek-Tips Swag
Get your
Tek-Tips Forums
SWAG here!
Home > Forums > MIS/IT > Security Solutions > NetScreen solutions Forum

Manage Netscreen 10 from internet

thread907-1005736
Read More Threads Like This One
speedingwolf (IS/IT--Management)
15 Feb 05 0:16
Greetings,

I can't seem to figure out how to connect to the untrust/outside interface of my netscreen firewall for testing. I can manage it inside but can not connect to it from the public ip address. I checked the untrusted interface with web, ping, scs, etc.

Please advice.

Thanks,
MarkhP (MIS)
16 Feb 05 3:49
Using the WEB UI got to Network/Interfaces Edit the untrust interface and enable HTTP management service.

I don't enable it here and don't recommend it either, as it is creating a weakness in security by giving access from the Web. If you want external management, maybe look at using a VPN solution and then manage it through the trusted port?
MarkhP (MIS)
16 Feb 05 3:52
Oops, just re-read your post sorry. Are you saying that you cannot ping the untrusted interface from outside of your network?. Do you know if your ISPs router/modem is setup to use transparent mode or NAT?
speedingwolf (IS/IT--Management)
16 Feb 05 12:05
Hi Mark,

Thanks for your respond. I just found out last night that I can configure the NS so that I can manage it from the internet.

In manage IP, just give it the IP address of the location where you will connect to the outside, untrusted interface. Of course, you will need to allow web configuration on the untrusted one.

Thanks for your respond.
sikek (MIS)
18 Feb 05 15:23
If you are worry about some security issue with using HTTP for management on the untrust interface. You can change the port number.Also use SSH v2 or HTTPS which needs to be enable also.

http://5gt.support.juniper.safeharbor.com/knowbase/root/public/nskb5658.htm?

http://5gt.support.juniper.safeharbor.com/knowbase/root/public/ns10562.htm?
Read More Threads Like This One

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Back To Forum

Back To NetScreen solutions

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close