설정은 set, 정보확인은 get, 설정해제는 unset, 저장 save, 리부팅 reset 이다.
Zone을 Virtual Router에 할당하고 > Interface를 Zone에 할당 > Interface에 IP할당 > Default Gateway 설정한다.
정책을 생성해서 내부에서 외부로 ICMP Ping 테스트를 해본다.
스크린OS는 주니퍼에서 제공하는 마지막 버전을 적용했다. (6.2.0r19.0)
ns5gt-> unset all
Erase all system config, are you sure y/[n] ? y
ns5gt-> reset
Configuration modified, save? [y]/n n
System reset, are you sure? y/[n] y
In reset ...
NetScreen NS-5GT Boot Loader Version 2.1.0 (Checksum: 61D07DA5)
Copyright (c) 1997-2003 NetScreen Technologies, Inc.
Total physical memory: 128MB
Test - Pass
Initialization.... Done
Hit any key to run loader
Hit any key to run loader
Hit any key to run loader
Hit any key to run loader
Loading default system image from on-board flash disk...
Done! (size = 11,223,040 bytes)
Ignore image authentication!
Start loading...
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................
Done.
Juniper Networks, Inc
NS-5GT System Software
Copyright, 1997-2008
Version 6.2.0r19.0
Load Manufacture Information ... Done
Initialize FBTL 0.... Done
Load NVRAM Information ... (6.2.0)Done
SYIMAGE
Install module init vectors
build and grow heap:system, order:13
Initial port mode trust-untrust(1)
Install modules (01010800,01bf7e34) ...
PPP IP-POOL initiated, 256 pools
*********************************************************
System time: 18May2020:23:38:52
If this is the initial device startup,
use the "set clock" command to set the system clock.
*********************************************************
system init done..
login: trust interface change physical state to Up
System change state to Active(1)
login: netscreen
password:
ns5gt->
ns5gt-> set interface trust ip 10.10.10.1/24
configuring interface ip clears dhcp server's ippool,gateway option
ns5gt->
ns5gt-> set interface untrust ip 192.168.219.126/27
ns5gt->
ns5gt-> set route 0.0.0.0 0.0.0.0 gateway 192.168.219.126
ns5gt->
ns5gt-> set int trust manage
ns5gt-> set int untrust manage
ns5gt->
ns5gt-> get int
A - Active, I - Inactive, U - Up, D - Down, R - Ready
Interfaces in vsys Root:
Name IP Address Zone MAC VLAN State VSD
trust 10.10.10.1/24 Trust 0012.1eb1.25c2 - U -
untrust 192.168.219.126/27 Untrust 0012.1eb1.25c1 - D -
serial 0.0.0.0/0 Null N/A - D -
vlan1 0.0.0.0/0 VLAN 0012.1eb1.25cf 1 D -
null 0.0.0.0/0 Null N/A - U 0
ns5gt->
ns5gt-> ping 192.168.219.1
Type escape sequence to abort
Sending 5, 100-byte ICMP Echos to 192.168.219.1, timeout is 1 seconds
.....
Success Rate is 0 percent (0/5)
ns5gt->
ns5gt-> untrust interface change physical state to Up
ns5gt->
ns5gt-> ping 192.168.219.1
Type escape sequence to abort
Sending 5, 100-byte ICMP Echos to 192.168.219.1, timeout is 1 seconds
.....
Success Rate is 0 percent (0/5)
ns5gt-> ping 192.168.219.1
Type escape sequence to abort
Sending 5, 100-byte ICMP Echos to 192.168.219.1, timeout is 1 seconds
.....
Success Rate is 0 percent (0/5)
ns5gt-> get int
A - Active, I - Inactive, U - Up, D - Down, R - Ready
Interfaces in vsys Root:
Name IP Address Zone MAC VLAN State VSD
trust 10.10.10.1/24 Trust 0012.1eb1.25c2 - U -
untrust 192.168.219.126/27 Untrust 0012.1eb1.25c1 - U -
serial 0.0.0.0/0 Null N/A - D -
vlan1 0.0.0.0/0 VLAN 0012.1eb1.25cf 1 D -
null 0.0.0.0/0 Null N/A - U 0
ns5gt-> ping 192.168.219.126
Type escape sequence to abort
Sending 5, 100-byte ICMP Echos to 192.168.219.126, timeout is 1 seconds
!!!!!
Success Rate is 100 percent (5/5), round-trip time min/avg/max=3/3/3 ms
ns5gt->
ns5gt-> telnet 192.168.219.100
Trying 192.168.219.100...
Telnet: Unable to connect to remote host!
ns5gt->
ns5gt-> ping 192.168.219.100
Type escape sequence to abort
Sending 5, 100-byte ICMP Echos to 192.168.219.100, timeout is 1 seconds
!!!!!
Success Rate is 100 percent (5/5), round-trip time min/avg/max=5/12/38 ms
'중앙도서관 > 정보보안' 카테고리의 다른 글
| [정보보안기사] 1. 정보보안 관리 및 법규 (0) | 2020.06.18 |
|---|---|
| [Anti-Virus] Symantec Endpoint Protection - ADC Lab (0) | 2020.05.27 |
| [Anti-Virus] Symantec Endpoint Protection - FW / ADC / Host Integrity (0) | 2020.05.22 |
| [Anti-Virus] Symantec Endpoint Protection - Virus & Spyware (0) | 2020.05.22 |
| [Anti-Virus] Symantec Endpoint Protection Manager 14.2 설치 (0) | 2020.05.21 |
