Configuring my new firewall



  • I recently acquired a Netscreen 5gt from a colleague which has been added to my network. I spent some time working on resetting the device and was eventually able to restore it back to factory settings. I followed the initial setup wizard like the manual stated and have a working internet connection through the unit. I have the default policies in place that allow ANY traffic from ANY source to ANY destination. However, there is one application that has connectivity issues since installing the 5gt.

    Here is the setup:

    Internet > ADSL Modem > Netscreen 5gt > 24port GB Switch > LAN + Wireless Router

    The problem is this: I can connect to the service with the needed application, but after I connect, I begin having disconnect issues. The program will disconnect, then connect, and disconnect, reconnect. This continues indefinitely, causing problems with the service. I assumed that since I had not set up any other policies that the firewall was allowing all traffic in both directions with no problems. When this program started having the connection issues, I decided I needed to set up services and policies on the firewall for the program.

    This was my next step. I went ahead and created a VIP on the Untrust interface to use with services on the firewall. Next, I created a service for the program I am using and associated it with the VIP. After this I created the policies to allow the service to be used with the VIP. Unfortunately, the program is still having the same issue. What is really strange is that I can always connect with the program, no problem. Once connected, however, it begins disconnecting and reconnecting as mentioned before.

    This is becoming a lengthy post so I will wait until I have a response to post config info, or whatever else may be needed to assist me, if assistance is at all available. I am fairly fluent with Cisco products and I was told that working with this unit would be similar so I would like to think I have the ability to manage the device. If anyone has any ideas or suggestions to get me going, I certainly would appreciate the assistance.

    Thank you for taking the time to read my post, and thank you in advance for any help there may be here. I hope to hear from someone soon.
    Regards,
    lacoster



  • I’m trying to become familiar with debug in ScreenOS, and found this link pretty helpful to get me started.

    http://forums.juniper.net/t5/ScreenOS-Firewalls-NOT-SRX/Troubleshooting-Tips-Debug-commands/td-p/6203

    Maybe that will help?


 
