Table of Contents
Advertisement
Table 338: Components of the Firewall Filter and RADIUS Server Attributes Topology (continued)
Property
Port firewall filter to be applied on the RADIUS
server
Counters
Policer
User profiles on the RADIUS server
Configuring the Port Firewall Filter and Counters
CLI Quick
Configuration
Step-by-Step
Procedure
Copyright © 2010, Juniper Networks, Inc.
Settings
filter1
counter1
from Supplicant 2.
policer p1
Supplicant 1 has the user profile
Supplicant 2 has the user profile
In this example, you configure a port firewall filter named
that will be applied to the end devices based on the MAC addresses of the end devices.
When you configure the filter, you also configure the counters
Packets from each end device are counted, which helps you verify that the configuration
is working. Policer
policer p1
discard parameters. Then, you check to see that the RADIUS server attribute is available
on the RADIUS server and apply the filter to the user profiles of each end device on the
RADIUS server. Finally, you verify the configuration by displaying output for the two
counters.
NOTE: For more information about authentication, authorization, and
accounting (AAA) services, see the Junos OS System Basics Configuration
Guide at
http://www.juniper.net/techpubs/software/junos/index.html
Configure a port firewall filter and counters:
To quickly configure a port firewall filter with terms for Supplicant 1 and Supplicant 2 and
create parallel counters for each supplicant, copy the following commands and paste
them into the switch terminal window:
[edit]
set firewall family ethernet-switching filter filter1 term supplicant1 from source-mac-address
00:50:8b:6f:60:3a
set firewall family ethernet-switching filter filter1 term supplicant2 from source-mac-address
00:50:8b:6f:60:3b
set firewall policer p1 if-exceeding bandwidth-limit 1m
set firewall policer p1 if-exceeding burst-size-limit 1k
set firewall family ethernet-switching filter filter1 term supplicant1 then count counter1
set firewall family ethernet-switching filter filter1 term supplicant1 then policer p1
set firewall family ethernet-switching filter filter1 term supplicant2 then count counter2
To configure a port firewall filter and counters on the switch:
Configure a port firewall filter (here,
1.
upon the MAC address of each end device:
Chapter 82: Examples: Access Control Configuration
counts packets from Supplicant 1, and
supplicant1
supplicant2
limits the traffic rate based on the values for exceeding and
) with terms for each end device based
filter1
counter2
counts packets
.
.
filter1
. The filter contains terms
and
counter1
counter2
.
.
2577
Advertisement
Chapters
Table of Contents
Troubleshooting
Related Manuals for Juniper JUNOS OS 10.3 - SOFTWARE
Related Products for Juniper JUNOS OS 10.3 - SOFTWARE
- Juniper IDP OS 5.1R1 - S REV 1
- Juniper JUNOS OS 10.4 - S REV 5
- Juniper JUNOS OS 10.4 - FOR EX REV 1
- Juniper JUNOS OS 10.4 - XML API OPERATIONAL
- Juniper IDP OS 5.1R1
- Juniper JUNOS SOFTWARE 10.2 - SOFTWARE INSTALLATION AND UPGRADE GUIDE 4-28-2010
- Juniper OCX1100
- Juniper ADVANCED INSIGHT SCRIPTS 2.5 - S REV 1