Table of Contents
Advertisement
Applying the Port Firewall Filter to the Supplicant User Profiles on the RADIUS Server
Step-by-Step
Procedure
Copyright © 2010, Juniper Networks, Inc.
Verify that the RADIUS server attribute needed to apply a filter on the RADIUS server is
on the server and then apply the port firewall filter to each end device's user profile on
the RADIUS server:
To verify that the RADIUS server attribute
the filter to the user profiles:
Display the dictionary
1.
attribute
Filter-ID
is in the dictionary:
[root@freeradius]# cd usr/share/freeradius/dictionary.rfc2865
Close the dictionary file.
2.
Display the local user profiles of the end devices to which you want to apply the
3.
filter (here, the user profiles are called
[root@freeradius]# cat /usr/local/etc/raddb/users
The output shows:
supplicant1 Auth-Type := EAP, User-Password == "supplicant1"
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-Id = "1005"
supplicant2 Auth-Type := EAP, User-Password == "supplicant2"
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-Id = "1005"
Apply the filter to both user profiles by adding the line
4.
profile, and then close the file:
[root@freeradius]# cat /usr/local/etc/raddb/users
After you paste the line into the files, the files look like this:
supplicant1 Auth-Type := EAP, User-Password == "supplicant1"
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-Id = "1005",
Filter-Id = "filter1"
supplicant2 Auth-Type := EAP, User-Password == "supplicant2"
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-Id = "1005",
Filter-Id = "filter1"
Chapter 88: Examples: Access Control Configuration
Filter-ID
is on the RADIUS server and to apply
on the RADIUS server, and verify that the
dictionary.rfc2865
supplicant1
and
):
supplicant2
to each
Filter-Id = "filter1"
2799
Advertisement
Chapters
Table of Contents
Troubleshooting
