Configuring Local Authentication Servers; Creating The Local Authentication Environment; Creating Local User Databases - Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - BROADBAND ACCESS CONFIGURATION GUIDE 2010-10-12 Configuration Manual

Software for e series broadband services routers broadband access configuration guide
Hide thumbs Also See for JUNOSE SOFTWARE FOR E SERIES 11.3.X - BROADBAND ACCESS CONFIGURATION GUIDE 2010-10-12:
Table of Contents

Advertisement

Configuring Local Authentication Servers

Creating the Local Authentication Environment

Creating Local User Databases

Copyright © 2010, Juniper Networks, Inc.
Use to enable or disable SNMP traps when all of the configured RADIUS authentication
servers per VR fail to respond to a RADIUS Access-Request message.
The associated SNMP object is rsRadiusClientTrapOnNoAuthServerAvailable.
Example
host1(config)#radius trap no-auth-server-responding enable
Use the no version to return to the default setting, disabled.
See radius trap no-auth-server-responding
The AAA local authentication server enables the E Series router to provide local PAP and
CHAP user authentication for subscribers. The router also provides limited authorization,
using the IP address, IP address pool, and operational virtual router parameters. When
a subscriber logs on to the E Series router that is using local authentication, the subscriber
is authenticated against user entries in a local user database; the optional parameters
are assigned to subscribers after the subscriber is authenticated.
To create your local authentication environment:
Create local user databases—Create the default database or a named database.
1.
Add entries to local user databases—Add user entries to the database. A database
2.
can contain information for multiple users.
Assign a local user database to the virtual router—Specify the database that the virtual
3.
router will use to authenticate subscribers.
Enable local authentication on the virtual router—Specify the local method as an AAA
4.
authentication method used by the virtual router.
When a subscriber connects to an E Series router that is using local authentication, the
local authentication server uses the entries in the local user database selected by the
virtual router to authenticate the subscriber.
A local authentication server can have multiple local user databases, and each database
can have entries for multiple subscribers. The default local user database, if it exists, is
used for local authentication by default. The E Series router supports a maximum of 100
user entries. A maximum of 100 databases can be configured.
To create a local user database, use the aaa local database command and the name
of the database; use the name default to create the default local user database:
host1(config)#aaa local database westLocal40
Chapter 1: Configuring Remote Access
39

Advertisement

Table of Contents
loading

This manual is also suitable for:

Junose 11.3

Table of Contents