Do you have a question about the JUNOSE SOFTWARE FOR E SERIES 11.3.X - BROADBAND ACCESS CONFIGURATION GUIDE 2010-10-12 and is the answer not in the manual?
Questions and answers
Subscribe to Our Youtube Channel
Related Manuals for Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - BROADBAND ACCESS CONFIGURATION GUIDE 2010-10-12
Page 2
Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.
Page 3
REGARDING LICENSE TERMS. 1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customer’s principal office is located in the Americas) or Juniper Networks (Cayman) Limited (if the Customer’s principal office is located outside the Americas) (such applicable entity being referred to herein as “Juniper”), and (ii) the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable...
Page 5
(including Juniper modifications, as appropriate) available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194 N. Mathilda Ave., Sunnyvale, CA http://www.gnu.org/licenses/gpl.html...
Audience This guide is intended for experienced system and network specialists working with Juniper Networks E Series Broadband Services Routers in an Internet access environment. E Series and JunosE Text and Syntax Conventions Table 1 on page xxxvi defines notice icons used in this documentation.
CD-ROMs or DVD-ROMs, see the Portable Libraries page at http://www.juniper.net/techpubs/resources/index.html Copies of the Management Information Bases (MIBs) for a particular software release are available for download in the software image bundle from the Juniper Networks Web site at http://www.juniper.net/...
7 days a week, 365 days a year. Self-Help Online Tools and Resources For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features: Find CSC offerings: http://www.juniper.net/customers/support/...
CHAPTER 1 Configuring Remote Access This chapter describes how to configure remote access to an Juniper Networks E Series Broadband Services Router. This chapter discusses the following topics: Remote Access Overview on page 4 Remote Access Platform Considerations on page 5...
See the ERX Module Guide for modules supported on ERX7xx models, ERX14xx models, and the ERX310 Broadband Services Router. See the E120 and E320 Module Guide for modules supported on the Juniper Networks E120 and E320 Broadband Services Routers. B-RAS Protocol Support...
Use to specify the B-RAS license. The license is a unique string of up to 15 alphanumeric characters. NOTE: Acquire the license from Juniper Networks Customer Service or your Juniper Networks sales representative. You can purchase licenses that allow up to 2,000, 4,000, 8,000, 16,000, 32,000, or 48,000 simultaneous active IP, LAC, and bridged Ethernet interfaces.
Page 85
! Configuration script being generated on TUE NOV 09 2004 12:50:18 UTC ! Juniper Edge Routing Switch ERX-1400 ! Version: 6.1.0 (November 8, 2004 18:31) ! Copyright (c) 1999-2004 Juniper Networks, Inc. All rights reserved. ! Commands displayed are limited to those available at privilege level 15 ! NOTE: This script represents only a subset of the full system configuration.
Page 86
! Configuration script being generated on TUE NOV 09 2004 13:09:03 UTC ! Juniper Edge Routing Switch ERX-1400 ! Version: 6.1.0 (November 8, 2004 18:31) ! Copyright (c) 1999-2004 Juniper Networks, Inc. All rights reserved. ! Commands displayed are limited to those available at privilege level 15 ! NOTE: This script represents only a subset of the full system configuration.
! Configuration script being generated on TUE NOV 09 2004 13:09:25 UTC ! Juniper Edge Routing Switch ERX-1400 ! Version: 6.1.0 (November 8, 2004 18:31) ! Copyright (c) 1999-2004 Juniper Networks, Inc. All rights reserved. ! Commands displayed are limited to those available at privilege level 15 ! NOTE: This script represents only a subset of the full system configuration.
Configuring AAA Authentication for DHCP Local Server Standalone Mode on page 483 show subscribers Configuring the SRC Client The JunosE Software has an embedded client that interacts with the Juniper Networks SRC software, enabling the SRC software to manage the router’s policy and QoS configuration.
Page 133
The JunosE-IP-PIB file is updated with each JunosE release. Since the PIB is implemented by both Juniper Networks SRC and JunosE devices, distribution of the PIB file to customers is not necessary. Customers can access the proprietary PIB file, on approval from Juniper Networks, through Juniper support.
! Configuration script being generated on MON JAN 10 2005 15:19:19 UTC ! Juniper Edge Routing Switch ERX1440 ! Version: 9.9.9 development-4.0 (January 7, 2005 17:26) ! Copyright (c) 1999-2004 Juniper Networks, Inc. All rights reserved. ! Commands displayed are limited to those available at privilege level 15 ! NOTE: This script represents only a subset of the full system configuration.
! Configuration script being generated on TUE NOV 09 2004 12:50:18 UTC ! Juniper Edge Routing Switch ERX-1400 ! Version: 6.1.0 (November 8, 2004 18:31) ! Copyright (c) 1999-2004 Juniper Networks, Inc. All rights reserved. ! Commands displayed are limited to those available at privilege level 15 ! NOTE: This script represents only a subset of the full system configuration.
! Juniper Edge Routing Switch ERX1440 ! Version: 11.2.0 beta-1.1 [BuildId 12073] (April 22, 2010 11:46) ! Copyright (c) 1999-2010 Juniper Networks, Inc. All rights reserved. ! Commands displayed are limited to those available at privilege level 15 ! NOTE: This script represents only a subset of the full system configuration.
RADIUS Overview RADIUS is a distributed client/server that protects networks against unauthorized access. RADIUS clients running on a Juniper Networks E Series Broadband Services Router send authentication requests to a central RADIUS server. You can access the RADIUS server through either a subscriber line or the CLI.
See the ERX Module Guide for modules supported on ERX7xx models, ERX14xx models, and the ERX310 Broadband Services Router. See the E120 and E320 Module Guide for modules supported on the Juniper Networks E120 and E320 Broadband Services Routers. RADIUS References For more information about RADIUS, consult the following resources: RFC 2865—Remote Authentication Dial In User Service (RADIUS) (June 2000)
– (See Note 3.) Supported Juniper Networks VSAs Table 40 on page 182 lists the Juniper Networks (Vendor ID 4874) VSAs supported for Acct-Start, Acct-Stop, Interim-Acct, Acct-On, Acct-Off, Partition-Accounting-On, and Partition-Accounting-Off messages. The following notes are referred to in Table 40 on page 182: The attribute is not included in Acct-Stop messages that are sent when a user session does not get established in one of the following situations.
(DSLAM). NOTE: JunosE Software also supports several Juniper Networks VSAs that you can use to include DSL-related information. See “Juniper Networks VSAs” on page 261 . Table 42 on page 186 lists the DSL Forum VSAs supported by JunosE Software in Access-Request, Acct-Start, Acct-Stop, (if Acct-Stop is specified) Interim-Acct, and CoA-Request messages.
CLI Commands Used to Modify RADIUS Attributes This section discusses the RADIUS Internet Engineering Task Force (IETF) attributes and the Juniper Networks vendor-specific attributes that you can configure using CLI commands. For many attributes, you can configure the router to include the attribute in RADIUS messages.
Chapter 3: Configuring RADIUS Attributes Juniper Networks Vendor-Specific Attributes This section describes the Juniper Networks vendor-specific attributes (VSAs) that you can configure using CLI commands. The attributes are listed numerically and are followed by descriptions about the commands that you can use to manage the attribute.
RADIUS. By default, the router does not include the ANCP-related information provided by the Juniper Networks VSAs in RADIUS messages. These Juniper Networks ANCP-related VSAs are based on definitions in GSMP extensions for layer2 control (L2C) Topology Discovery and Line Configuration—draft-wadhwa-gsmp-l2control-configuration-00.txt (July 2006...
Page 271
NOTE: JunosE Software also supports several Juniper Networks VSAs that you can use to include DSL-related information. See “ANCP-Related Juniper Networks VSAs” on page 230 and “Juniper Networks VSAs” on page 261 . The router receives data containing one or more of the DSL Forum VSAs from a DSLAM connected to the router via a PPPoE interface.
This chapter lists the RADIUS attributes that are supported by JunosE Software. Table 49 on page 255 describes the supported RADIUS IETF attributes. Table 50 on page 262 describes the supported Juniper Networks vendor-specific attributes (VSAs). Table 51 on page 273 describes the DSL Forum VSA formats supported by JunosE Software. Table 52 on page 274 describes RADIUS attributes that are simply passed to their destination by the router.
JunosE 11.3.x Broadband Access Configuration Guide Table 50: Juniper Networks (Vendor ID 4874) VSA Formats Attribute Subtype Number Attribute Name Description Length Length Value [26-1] Virtual-Router Virtual router name for the Broadband sublen string: Remote Access Server (B-RAS) user’s virtual-router-name IP interface.
Page 301
Chapter 6: RADIUS Attribute Descriptions Table 50: Juniper Networks (Vendor ID 4874) VSA Formats (continued) Attribute Subtype Number Attribute Name Description Length Length Value [26-10] Ingress-Policy-Name Input policy name to apply to B-RAS user’s sublen string: interface input-policy-name [26-11] Egress-Policy-Name...
Page 302
JunosE 11.3.x Broadband Access Configuration Guide Table 50: Juniper Networks (Vendor ID 4874) VSA Formats (continued) Attribute Subtype Number Attribute Name Description Length Length Value [26-22] Sa-Validate Enable or disable source address sublen integer: 0 = disable, validation on a user’s interface...
Page 303
Chapter 6: RADIUS Attribute Descriptions Table 50: Juniper Networks (Vendor ID 4874) VSA Formats (continued) Attribute Subtype Number Attribute Name Description Length Length Value [26-39] Tunnel-Min-Bps Minimum line speed for L2TP dial-out integer [26-40] Tunnel-Max-Bps Maximum line speed for L2TP dial-out...
Page 304
JunosE 11.3.x Broadband Access Configuration Guide Table 50: Juniper Networks (Vendor ID 4874) VSA Formats (continued) Attribute Subtype Number Attribute Name Description Length Length Value [26-56] DHCP-MAC-Address Client’s MAC address sublen string:mac-address [26-57] DHCP-GI-Address DHCP relay agent’s IP address integer:4-octet...
Page 305
Chapter 6: RADIUS Attribute Descriptions Table 50: Juniper Networks (Vendor ID 4874) VSA Formats (continued) Attribute Subtype Number Attribute Name Description Length Length Value [26-71] IGMP-Access-Name Access List to use for the group (G) filter sublen string:32-octet [26-72] IGMP-Access-Src-Name Access List to use for the source-group...
Page 306
JunosE 11.3.x Broadband Access Configuration Guide Table 50: Juniper Networks (Vendor ID 4874) VSA Formats (continued) Attribute Subtype Number Attribute Name Description Length Length Value [26-82] Qos-Parameters Name of the QoS parameter instance to sublen string: format is create on the user’s interface, followed by parameter name the value of the parameter.
Page 307
Chapter 6: RADIUS Attribute Descriptions Table 50: Juniper Networks (Vendor ID 4874) VSA Formats (continued) Attribute Subtype Number Attribute Name Description Length Length Value [26-92] L2C-Up-Stream-Data Actual upstream rate access loop sublen string: actual parameter (ASCII encoded) as defined in...
Page 308
JunosE 11.3.x Broadband Access Configuration Guide Table 50: Juniper Networks (Vendor ID 4874) VSA Formats (continued) Attribute Subtype Number Attribute Name Description Length Length Value [26-111] Acc-Aggr-Cir-Id-Bin Unique identification of the DSL line sublen integer: 8-octet [26-112] Acc-Aggr-Cir-Id-Asc Identification of the uplink on the access...
Page 309
Chapter 6: RADIUS Attribute Descriptions Table 50: Juniper Networks (Vendor ID 4874) VSA Formats (continued) Attribute Subtype Number Attribute Name Description Length Length Value [26-126] Act-Interlv-Delay-Dn Subscriber’s actual one-way downstream integer: 4-octet interleaving delay [26-127] DSL-Line-State State of the DSL line...
Page 310
JunosE 11.3.x Broadband Access Configuration Guide Table 50: Juniper Networks (Vendor ID 4874) VSA Formats (continued) Attribute Subtype Number Attribute Name Description Length Length Value [26-147] Backup-Address-Pool Name of the backup local address pool that sublen string: can be used to assign addresses to users...
Layer 2 Tunneling Protocol (L2TP) is a client-server protocol that allows Point-to-Point Protocol (PPP) to be tunneled across a network. This chapter includes the following topics that provide information for configuring L2TP on the Juniper Networks E Series Broadband Services Routers.
Tunnel Parameters to Configure the Transmit Connect Speed Calculation Method” on page 403. RADIUS Include the Tunnel-Tx-Speed-Method RADIUS attribute (Juniper Networks VSA 26-94) in RADIUS Access-Accept messages. For instructions, see “Using AAA Default Tunnel Parameters to Configure the Transmit Connect Speed Calculation Method”...
To use RADIUS to configure the transmit connect speed calculation method for a subscriber’s access interface, you can configure RADIUS to include the Tunnel-Tx-Speed-Method RADIUS attribute (Juniper Networks VSA 26-94) in RADIUS Access-Accept messages. Table 72 on page 404 describes the Tunnel-Tx-Speed-Method RADIUS attribute. For more information about RADIUS Access-Accept messages, see “Configuring RADIUS Attributes”...
Session and Resource Control Software The Session and Resource Control (SRC) software, formerly the Service Deployment System (SDX) software is a component of Juniper Networks management products. The SRC software provides a Web-based interface that allows subscribers to access services, such as the Internet, an intranet, or an extranet.
DHCP local server. For information about configuring the DHCPv6 local server, see “Configuring the DHCPv6 Local Server” on page 485. In equal-access mode, the DHCP local server works with the Juniper Networks SRC software to provide an advanced subscriber configuration and management service.
IP address and immediately allocates the subscriber an IP address from one of the local address pools. In equal-access mode, the DHCP local server works with Juniper Networks Session and Resource Control (SRC) software and the authorization, accounting, and address assignment utility to provide an advanced subscriber configuration and management service.
10 subscriber sessions. The license is a unique string of up to 15 alphanumeric characters. NOTE: Obtain the license from Juniper Networks Customer Service or your Juniper Networks sales representative.
Need help?
Do you have a question about the JUNOSE SOFTWARE FOR E SERIES 11.3.X - BROADBAND ACCESS CONFIGURATION GUIDE 2010-10-12 and is the answer not in the manual?
Questions and answers