Table 51: Radius Attributes Used As Packet Mirroring Triggers; Table 52: Radius Attributes Used As Packet Mirroring Triggers - Juniper POLICY MANAGEMENT - CONFIGURATION GUIDE V11.1.X Configuration Manual

JUNOSe 11.1.x Policy Management Configuration Guide
RADIUS Attributes Used for Packet Mirroring
Table 51 on page 240 and Table 52 on page 240 list the packet mirroring triggers. The
triggers are RADIUS attributes that identify a user whose traffic is to be mirrored. A
packet mirroring session starts when the router receives a RADIUS packet that
contains mirroring attributes and then applies the mirroring configuration to the
appropriate interface. For example, packet mirroring starts when a logon request
occurs that contains a specified User-Name attribute.
The triggers also enable RADIUS-initiated mirroring to start when the user is already
logged in.
Table 51: RADIUS Attributes Used as Packet Mirroring Triggers (Vendor ID 4874)
Table 52: RADIUS Attributes Used as Packet Mirroring Triggers (Vendor ID 3561)
You add the trigger to the RADIUS record of the user whose traffic will be mirrored.
In addition, you must include the RADIUS VSAs listed in Table 53 on page 241 in the
mirrored user's RADIUS record.
NOTE: For IP mirroring, you must include both VSA 26-59 and VSA 26-61, or you
must omit both of these VSAs. If you use only one of these VSAs, the configuration
fails.
240
RADIUS Attributes Used for Packet Mirroring
Standard Number Attribute Name
[1] User-Name
[8] Framed-IP-Address
[26-1] Virtual-Router
[31] Calling-Station-ID
[44] Acct-Session-ID
[87] Nas-Port-ID
[26–159] DHCP- Option-82
Standard Number
[26-1]
[26-2]
Order of Preference
4
3
Used with
Framed-IP-Address and
User-Name
2
1
5
6
Attribute Name
Agent-Circuit-ID
Agent-Remote-ID
Order of Preference
7
8