Table of Contents
Advertisement
Configuring VLAN Objects
Configuring IP Pools
Copyright © 2010, Juniper Networks, Inc.
For Name, enter Midas.
For Color, select orange.
For Comment, enter Accounting Server.
Select IP, then enter the IP Address 10.1.1.80.
Configure a firewall rule to use the RADIUS authentication server object to
5.
authenticate traffic between the external user group and the Midas server.
Use VLAN objects to limit rule matching to packets within a particular VLAN.
VLAN objects can either target a specific VLAN tag, or a range of VLAN tags. You can use
more than one VLAN object in a rule.
VLAN objects have the following components:
Name: What the object is called in the NSM UI.
Comment and Color: Useful for organizing and explaining the object to other users.
Have no effect on the object in the system.
ID Type: Specify whether the object will cover a single VLAN tag or a range of VLAN
tags.
Specific and Low/High: For a single VLAN tag, specify the tag. For a range of VLAN
tags, specify the lowest and highest values in the range.
An IP pool object contains IP ranges (a range of IP addresses within the same subnet).
You use IP Pool objects to assign IP addresses to L2TP users in L2TP VPNs or local users
on a specific device. The IP pool you select for the VPN or the local user determines the
range of IP addresses the device can assign to the L2TP RAS user when the user connects
to the L2TP VPN.
NOTE: For more information about configuring XAuth and L2TP local users on a device,
see Network and Security Manager Configuring ScreenOS and IDP Devices Guide.
An IP range includes the following:
Start IP—The beginning of the range of IP addresses included in the pool, inclusive.
The Start IP must always be lower than the End IP.
End IP—The end of the range of IP addresses included in the pool, inclusive. The End
IP must always be higher than the Start IP.
Chapter 8: Configuring Objects
403
Advertisement
Table of Contents
