Chapter 2 Configuring the Device
O
C
PTIONAL
ONFIGURATION
This section describes the following features on the NetScreen-5GT ADSL device that you
may want to configure:
•
Changing the port mode on the device
•
Adding virtual circuits on the ADSL interface
•
Using a backup interface to the Untrust zone
•
Restricting management of the device
•
Changing the operational mode
•
Modifying the Trust interface address
•
Setting additional policies
Note: Not all of the optional configurations are described in detail in this manual. Refer
to the appropriate chapters in the NetScreen Concepts & Examples ScreenOS Reference
Guide for ScreenOS 5.0.0 for more information.
Changing the Port Mode
The port mode is the binding of physical ports, logical interfaces, and zones. The default
port mode, Trust-Untrust, binds the Trust interface to the Trust zone and the adsl1
interface to the Untrust zone. Changing the port mode changes these bindings.
Warning:
Changing the port mode removes any existing configurations on the NetScreen
device. Therefore, change the port mode before configuring the device.
The following table summarizes the port, interface, and zone bindings provided by the
port modes that are available on the NetScreen-5GT ADSL device:
a
Port Name
1
2
3
4
Untrusted
Modem
ADSL
a. As labeled on the NetScreen appliance chassis.
b. Default port mode.
c. You can configure a backup interface to the Untrust zone, using either the Untrusted Ethernet port or the
Modem port. See
20
Trust-Untrust Port Mode
Interface
Zone
trust
Trust
trust
Trust
trust
Trust
trust
Trust
c
untrust
Null
c
serial
Null
adsl1
Untrust
"Configuring a Backup Untrust Zone Interface" on page
b
Home-Work Port Mode
Interface
Zone
ethernet1
Work
ethernet1
Work
ethernet2
Home
ethernet2
Home
c
ethernet3
Null
c
serial
Null
adsl1
Untrust
Trust/Untrust/DMZ Mode
Interface
Zone
ethernet1
Trust
ethernet1
Trust
ethernet2
DMZ
ethernet2
DMZ
c
ethernet3
Null
c
serial
Null
adsl1
Untrust
22.
User's Guide