Opening ports on a NS-GT5

[stlinc]

I have a customer that needs to have ports 21000-21003 opened so they can utilize some new software. Of course the only tech we had that knew this equipment was let go right before this, lol...

Can anyone guide me in the right direction on this?

Thanks

Jay

I may not be able to fix it, but I certainly can't break it any further- Jay

 

[MaxPipeline]

Not sure if you mean creating a policy to allow port 21000-21003 or create a VIP to allowing incoming 21000-21003. You also need to know if the ports required is TCP or UDP. Refer to the Concepts & Examples guide from Juniper's website.

http://www.juniper.net/techpubs/software/screenos/

Select your ScreenOS version (Can view it from WebUI or with 'get system' command in CLI). For policies, refer to the Fundamentals guide. For VIP, refer to the Address Translation guide (5.1 or higher).

I hope this helps.

 

[shrubble]

Go into services and define the new service, it's pretty intuitive.

After that, add address list entries for the internal system on the trust and untrust sides (or whatever zone/interface you're using).

Create a policy (or two if it's bidirectional) from trust to untrust (and vice versa- again, maybe not trust and untrust, you may have custom interfaces) allowing your list entries to talk over the service you just defined.

Internal point A talks to external point B using service C.






"I would rather have a free bottle in front of me, than a pre-frontal lobotomy..."

-Shrubble