Netscreen 5XP - connect to internet problem



  • Complete newbie here

    I have a netscreen 5xp and the following setup:

    Local Pc => trust 5xp=> Untrust => Router => Cable Modem

    I have my trust interface setup to be a dhcp server, with the ip address 192.168.1.1/24 and can access webui.

    I have my untrust set to the Ip of the router 192.168.11.1/24

    I can ping the router from my local machine, however I cannot access the router management tool (through http://192.168.11.1) and I cannot access the internet through the router. If I plug my local machine back in to router and set router to be DHCP server then the internet works fine.

    Any ideas anyone, or any ideas on my next step to help diagnose the issue.



  • Cheers for the advice the problem was the ip address on the untrust being the same as the gateway

    Cheers



  • I am curious why you even need the router there in the first place. The Netscreen can replace your router in this scenario from what I can tell. The 5XP has the capability to perform pppoe and NAT.

    If you absolutely need the router in place then make sure you configure the 5XP for route mode and not nat mode. By default the trust interface is in nat mode while the untrust interface is already in route mode. Second and most importantly, the untrust interface CANNOT be the same IP as the router IP. This would cause a conflict. Change your untrust IP to be a different IP on the 192.168.11.0 subnet. Perhaps 192.168.11.2/24? Finally be sure you configure a static route on the router that points to the 192.168.1.0/24 subnet. The gateway for the 192.168.1.0 subnet should be the Netscreen untrust IP address.


 

52
Online

38.4k
Users

12.7k
Topics

44.5k
Posts