Table 55: RADIUS-Based Mirroring During Session Start (User-Initiated)

| Step | Description |
|------|-------------|
| 1 | A user logs in to an E Series router, requesting authentication by the RADIUS server. Attributes in the logon request are examined to determine whether any match a configured trigger. The first match starts the packet mirroring session for the user. |
| 2 | The RADIUS server authenticates the user and sends packet mirroring VSAs and any other configured VSAs to the router. The router creates a secure policy based on the VSAs and starts mirroring the user's traffic. |
| 3 | The router sends the user's original traffic to its intended destination. |
| 4 | The router sends the mirrored traffic to the analyzer device. |
| 5 | The analyzer device provides information for the requesting individual. |

Table 56 on page 243 indicates the sequence of steps for a packet mirroring operation that is configured for a currently running session.

Table 56: RADIUS-Based Mirroring of Currently Running Session (RADIUS-Initiated)

| Step | Description |
|------|-------------|
| 1 | A user logs in to the E Series router; no mirroring action is configured. |
| 2 | Packet mirroring is enabled on the RADIUS server. Authenticated users are examined to determine whether any match a configured trigger. The first match determines the router to which to send change-of-authorization messages. The RADIUS server sends change-of-authorization messages containing packet mirroring VSAs to the router. The router creates a secure policy based on the VSAs and starts mirroring the user's traffic. |
| 3 | The router sends the user's original traffic to its intended destination. |
| 4 | The router sends mirrored traffic to the analyzer device. |
| 5 | The analyzer device provides information for the requesting individual. |

Configuring RADIUS-Based Mirroring

To configure the RADIUS-based packet mirroring environment, you must coordinate the mirroring operations of three devices in the network: the RADIUS server, the E Series router, and the analyzer device. The configuration of the RADIUS server and the analyzer device is described in this section for reference only. The actual configuration procedures depend on the policies and guidelines established by the responsible organizations.
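
The RADIUS-initiated sequence in Table 56 depends on the router acting on change-of-authorization messages that carry VSAs, so an audit of who sends those messages is a useful control. The following is an added example, not code from this guide or from the router's software: it parses a RADIUS datagram, extracts its VSAs, and flags a CoA-Request that comes from a source outside the approved RADIUS servers. The vendor ID, addresses and function names are constructed placeholders; the real vendor ID and VSA numbers are not given on this page.

```python
import struct
from ipaddress import ip_address

COA_REQUEST = 43      # RADIUS code for CoA-Request (RFC 5176)
VENDOR_SPECIFIC = 26  # attribute type that carries VSAs (RFC 2865)

def parse_vsas(packet):
    """Return (code, [(vendor_id, vendor_type, value), ...]) for one RADIUS datagram."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if not 20 <= length <= len(packet):
        raise ValueError("length field does not match the datagram")
    vsas, pos = [], 20
    while pos < length:
        if pos + 2 > length or packet[pos + 1] < 2 or pos + packet[pos + 1] > length:
            raise ValueError("malformed attribute")
        atype, alen = packet[pos], packet[pos + 1]
        body = packet[pos + 2:pos + alen]
        if atype == VENDOR_SPECIFIC and len(body) >= 6:
            vendor_id, sub = struct.unpack("!I", body[:4])[0], body[4:]
            while len(sub) >= 2 and 2 <= sub[1] <= len(sub):  # vendor sub-attributes
                vsas.append((vendor_id, sub[0], sub[2:sub[1]]))
                sub = sub[sub[1]:]
        pos += alen
    return code, vsas

def audit_coa(src_ip, packet, approved_servers, watched_vendor):
    """Classify one datagram seen on the router's CoA port."""
    code, vsas = parse_vsas(packet)
    if code != COA_REQUEST:
        return "ignored"
    if ip_address(src_ip) not in approved_servers:
        return "alert: CoA-Request from unapproved source"
    hits = sum(1 for vendor_id, _t, _v in vsas if vendor_id == watched_vendor)
    return "log: %d watched VSA(s) from approved server" % hits if hits else "ok"

# Constructed sample data: placeholder vendor ID, documentation addresses.
PLACEHOLDER_VENDOR = 99999
APPROVED = {ip_address("192.0.2.10")}

def sample_coa():
    inner = bytes([1, 6]) + b"\x00\x00\x00\x01"  # constructed sub-attribute
    attr = bytes([VENDOR_SPECIFIC, 6 + len(inner)]) + struct.pack("!I", PLACEHOLDER_VENDOR) + inner
    return struct.pack("!BBH", COA_REQUEST, 1, 20 + len(attr)) + bytes(16) + attr

if __name__ == "__main__":
    for src in ("192.0.2.10", "198.51.100.7"):
        print(src, audit_coa(src, sample_coa(), APPROVED, PLACEHOLDER_VENDOR))
```

The check looks only at the source address and attribute contents; it does not verify the Request Authenticator, which requires the shared secret.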
Chapter 12: Configuring RADIUS-Based Mirroring