The Enforcement Point View; Manager - Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1 Administration Manual

Network and Security Manager Administration Guide

The Enforcement Point View

Associating Enforcement Points with an Infranet Controller in the UAC Manager
642
When you select the Enforcement Points (EP) view, the NSM main display area is
horizontally divided into the Enforcement Points table at the top and tab views of
associated Infranet Controllers (ICs) and Port Details at the bottom. NSM displays only
EX Series switches managed by a current domain in the EP table. Selecting an EP causes
NSM to populate relevant information in the tab views. From the IC tab view, you can
view the associated IC and its location group information. From the Port details tab, you
can see the 802.1X enabled port names and their details.
To associate Enforcement Points (EP) with a selected Infranet Controller (IC):
Select the Add button (+) above the Enforcement Points table. NSM displays a list
1.
of EPs not managed by the selected IC. If the selected IC, is an IC cluster in
Active-Active mode, then you must select the IC cluster member with which the EP
association is to be created.
Select EPs to associate with the selected IC from the list. You can also search by
2.
strings for a particular EP.
Enter the shared secret between the IC and the EPs.
3.
Select the Location Group the EPs must belong to in the selected IC. Each EP can
4.
be associated with only one Location Group available in the IC.
Enter the Infranet Controller port to which the EP should communicate. The default
5.
port is 1812.
Enter the IP address that should be used for RADIUS communication. If you do not
6.
specify an address, the EP's management IP address is used by default. You have
the option to select the IP address of the RADIUS communication server only if you
select a single EP because the IP address to communicate with an IC is unique.
Select
Use Load Balancer with IP Address
7.
IP address of the Load Balancer is then used as the RADIUS server in the EX Series
switch configuration.
In an Active-Active cluster, with the load balancer selected, you can select one cluster
member and perform an IC-EP association. You do not need to repeat the association
for every cluster member.
Select the check box to run an Update Device task, which pushes configuration
8.
changes on both the IC and EPs. The configuration status of the EPs changes to
Managed, InSync.
Select the check box to run a Summarize task that ensures the association between
9.
the IC and EP in the application database. The configuration status of these devices
becomes Managed, NSM Changed.
Select OK. The selected EPs are listed under the associated IC.
10.
if the IC is load balancer administered. The
Copyright © 2010, Juniper Networks, Inc.