Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INFRANET CONTROLLER GUIDE REV 01 Manual page 106

NSM Infranet Controller Configuration Guide
88
Table 25: Authentication Realms Configuration Details (continued)
Option Function
Authentication Indicates the authentication
server for authenticating the
users who sign in to this
realm.
Directory/Attribute Specifies the directory or
attribute server to use.
Accounting Specifies the RADIUS
accounting server to use.
Your Action
Select the authentication.
NOTE: The Infranet Controller supports
RADIUS proxy for both inner and outer
authentication. RADIUS proxy allows you to
use an external RADIUS server for
authentication. If the authentication server
for a realm is a RADIUS server, three option
buttons are visible: Proxy RADIUS Inner
Authentication, Proxy RADIUS Outer
Authentication, and Do not proxy. If the
authentication server is not a RADIUS server,
the proxy check boxes are hidden. See
"Using RADIUS Proxy."
When RADIUS proxy is used, realm or role
restrictions cannot be enforced. Host
Checker policies, source IP restrictions, and
any other limits that have been assigned are
bypassed. RADIUS proxy should be used
only if no restrictions have been applied.
Select this option to specify which directory
or attribute server to use.
Select this option to specify which RADIUS
accounting server to use.
NOTE: If the LDAP server is down, user
authentication fails. You can find messages
and warnings in the event log files. When an
attribute server is down, user authentication
does not fail. Instead, the groups or
attributes list for role mapping and policy
evaluation is empty.
Copyright © 2010, Juniper Networks, Inc.