Table of Contents
Advertisement
JunosE 11.2.x Broadband Access Configuration Guide
Configuring RADIUS-Initiated Change of Authorization
RADIUS Dynamic-Request Server Commands
authorization change
key
238
To configure the RADIUS dynamic-request change of authorization feature, perform the
following steps to set up the RADIUS dynamic-request server that will perform the CoA
operation:
Configure the RADIUS dynamic-request server, and enter RADIUS Configuration
1.
mode.
host1(config)#radius dynamic-request server 10.10.5.10
Enable the CoA capability on the RADIUS dynamic-request server.
2.
host1(config-radius)#authorization change
Define the key (secret) used in the RADIUS Authenticator field during exchanges
3.
between the RADIUS dynamic-request server and the RADIUS server.
host1(config-radius)#key Secret21Clientkey
(Optional) Specify the UDP port on which the router listens for messages from the
4.
RADIUS server. The default is 1700.
host1(config-radius)#udp-port 1770
This section describes commands used to configure RADIUS dynamic-request servers.
Use to enable the RADIUS dynamic-request server to receive CoA messages, such as
packet mirroring attributes and Service Manager attributes, from the RADIUS server.
Example
host1(config)#radius dynamic-request server 192.168.5.3
host1(config-radius)#authorization change
Use the no version to disable receipt of the messages; any currently configured
operations will continue.
See authorization change
Use to define the key (secret) that is used to calculate the RADIUS Authenticator field
during exchanges between the RADIUS dynamic-request server and the RADIUS server.
If no key is specified, the router drops all requests from the RADIUS server.
Example
host1(config-radius)#key Secret3Clientkey
Use the no version to set the default, no Authenticator.
See key
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Troubleshooting
