Re: External management on a netscreen-5
From: AM (arj.mahal_at_askarj.com)
Date: 05/27/05
- Previous message: Roger: "Re: Trans-Firewall < ?"
- In reply to: Alan Strassberg: "Re: External management on a netscreen-5"
- Next in thread: alavel: "Re: External management on a netscreen-5"
- Reply: alavel: "Re: External management on a netscreen-5"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 27 May 2005 01:26:22 -0700
If you have one external address,, externally, you can only manage the
firewall on the same IP address as the external interface. Set the
Manage-IP address to be 0.0.0.0 - (it defaults to the same IP as the
untrust interface). Then enable ssh and web etc. Note however, that
web and telnet are clear text so the admin login userid password and
configuration changes are not encrypted, so not really meant for
external connections. You should use ssh or ssl communications for the
encrypted equivalent.
Also have a look under admin, management and permitted IPs list. This
allows you to restrict by source IP who can connect to manage the
firewall in the first place. Remember to firstly add your internal
IP/range othewise you may lock yourself out.
Hope this is helpful.
- Previous message: Roger: "Re: Trans-Firewall < ?"
- In reply to: Alan Strassberg: "Re: External management on a netscreen-5"
- Next in thread: alavel: "Re: External management on a netscreen-5"
- Reply: alavel: "Re: External management on a netscreen-5"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
