Default Device Settings 21
Default Device Settings
This section describes the default settings and operation of an SSG 20 device.
Table 5 describes the default zone bindings for ports on the devices.
Table 5: Default Physical Interface to Zone Bindings
A bridge group, bgroup, is designed to allow network users to switch between
wired/wireless traffic without having to reconfigure or reboot the device. By default,
the ethernet0/2—ethernet0/6 interfaces, labeled as port 0/2—0/6 on the device, are
grouped together as the bgroup0 interface, have the IP address 192.168.1.1/24, and
are bound to the Trust security zone. You can configure up to four bgroups.
If you want to set an Ethernet or wireless interface into a bgroup, you must first
make sure that the Ethernet or wireless interface is in the Null security zone.
Unsetting the Ethernet or wireless interface that is in a bgroup places the interface
in the Null security zone. Once assigned to the Null security zone, the Ethernet
interface can be bound to a security zone and assigned a different IP address.
To unset ethernet0/3 from bgroup0 and assign it to the Trust zone with a static IP
address of 192.168.3.1/24, do the following:
unset interface bgroup0 port ethernet0/3
set interface ethernet0/3 zone trust
set interface ethernet0/3 ip 192.168.3.1/24
save
Port Label Interface Zone
Console N/A N/A
AUX serial0/0 Null
10/100 Ethernet ports:
0/0 ethernet0/0 Untrust
0/1 ethernet0/1 DMZ
bgroup0
0/2
0/3
0/4
bgroup0 (default IP address is
192.168.1.1/24)
ethernet0/2
ethernet0/3
ethernet0/4
Trust
WAN Mini PIM ports: (x = mini PIM slot, 1 or 2)
ADSL2/2+ (Annex A) adsl(x/0) Untrust
ADSL2/2+ (Annex B) adsl(x/0) Untrust
T1 serial(x/0) Untrust
E1 serial(x/0) Untrust
ISDN bri(x/0) Untrust
V.92 serial(x/0) Null
To Next Page
Loading...
