J-WEB DOCUMENTATION.
J-WEB initial setup wizards.
Introduction
Connect the management device to the services gateway using either of the following methods: Connect an RJ-45 cable (Ethernet cable) from any one port between ge-0/0/1 and ge-0/0/15 on the front panel to the Ethernet port on the management device (workstation or laptop). After connecting the management device to the services gateway, the DHCP server process on the services gateway will assign an IP address automatically to the management device. Ensure that the management device acquires an IP address on the 192.168.1/24subnet-work (other than 192.168.1.1) from the device. The services gateway functions as a DHCP server and will assign an IP address to the management device. By default, the DHCP server is enabled on the L3 VLAN interface, (IRB) vlan.0 (ge-0/0/1 to ge-0/0/15), which is configured with an IP address of 192.168.1.1/24. When an SRX device services Gateway is powered on for the first time, it boots using the factory default configuration.
Setup wizards
- Launch a Web browser on the management device
- Enter in the URL address field. The J-Web login page is displayed.
- Specify the default user name as root. Do not enter any value in the Password field.
.
- Click Log In. The J-Web Initial Setup page is displayed
- Click on start>
- Configure the basic settings such as Host Name, Domain Name, Root Password and verify Root password
: Ensure that you have configured the IP address and root password before you apply the configuration.
NOTE: All fields marked with an asterisk (*) are mandatory
- Click Next
- Enter the default gateway, DNS servers and domain search
Note: optional field
- Click Next
- This page enables you to create new VLANs
Note: optional page
- Edit an existing VLAN by double-clicking the name or by selecting the row and clicking Edit
- Moved the ge-0/0/4.0 to available interface and user can able to configure IPV4 address
- Enter the Vlan-id, (range :2-4094)
- Select one or more interfaces in the available Interfaces box, then click the "<" button to add to group. You may also remove interfaces by selecting an interface in the right box and clicking the "<" button.
- Click Next
- This page shows gigabit Ethernet, Fast Ethernet and Vlan interfaces
Note: Optional page
- To edit an interface, double-click it, or select the row and click Edit. To add an interface, click Add.
- Select the interface from the drop down list
- Select the DHCP/IP/PPPOE address using radio button
- Select the zone from the drop down list
- Select the services by using check box
- Click Save
- Configured interface will appear in configure interface main page
- Click Next
- This page enables you to select the way that J-Web behaves when you start it.
- Select the option in J-web starting page option
- Select the option in J-web commit options
- Click Next
- This page to set the system time and time zone
(Note: Optional page)
- Click Next
- This page shows the system configuration summary
User Scenario 1: Sofware upgrade using the J-WEB .
Steps:
- Download the software to local PC
- Navigate to Maintain > Software> Upload Package page
- Click on Browse and select the downloaded software
- Select reboot options if required and click on Upload and “install package button “
- Browser will refresh every 1min to provide updated status and the 1st update will be available once image is copied to router
- Upload competion time depends on the platform
- Click on OK once the process is done or select reboot schedule
FTP upload
- Navigate to Maintain > Software> Install package page for FTP upload
- Provide FTP server and credential information and click on Fetch and install package button
- UI indicates step by step install progress
- Click OK to reboot immediately (if reboot is selected ) or schedule a reboot using hyperlink
Rollback to Alternative package:
- Navigate to Maintain > Software> Downgrade page (to rollback to alternative version )
- Click on Downgrade button and select the hyper link to schedule a reboot
Note: during reboot connection to the router will be lost hence there won’t be any update in the page status.
User Scenario 3: J-WEB FW and NAT wizard:
Steps to configure FW using Wizards
FW wizards
- Navigate to configure > Wizards > Fw_wizards (after initial setup)
- Click on start >
- click on Add>
- Enter the policy name
- Select the available zone_address for source and destination address and move to selected zone/address using Up arrow mark
- Select the available applications and move to selected application using Up arrow mark.
- Select the Action as permit/deny
(Note: All the given fields are mandatory)
- Click save, and it will reflect in firewall policy table
VPN Wizard
- Navigate to configure > Wizards > VPN_wizards (after initial setup)
- Click on start >
- Enter VPN name
- Select a security zone for the local private network from the list.
- Add network addresses to identify the local networks for the VPN. Add addresses by entering them and clicking Add.
- Enter the ST0 interface, number should be between (0-65535)
- Select a security zone for the interface from the list
- Indicate whether the interface is numbered (an IP address) or unnumbered
- Select an interface for the public network from the lists provided
- Select an interface zone for the public network from the lists provided.
- Indicate the interface type, either static/dynamic
- Add remote Gateway Public IP
- Add IP addresses for the remote private networks and clicking Add.
- Select the IKE security level
- Select the IKE mode
- Enter IKE preshared key (Ascii)
- Select the IPSec security level
- Select the IPSec forward secrecy
- Select the optional choice VPN monitor, Dead peer Detection
- Select the optional field
- click commit
NAT Wizard
- Navigate to configure > Wizards > NAT_wizards (after initial setup)
- Click on start >
- Click Add enter rule name
- Indicate whether the rule specifies a zone or an interface for the direction the traffic comes from
- Select the list and move to the RHS
- Enter a destination address in the form of a host address or a network address.
- Specify the address to use to perform static NAT
[Type text]