Chapter 1: Managing User Authentication and Access

4.Go on to one of the following procedures:

To specify a system authentication order, see “Configuring Authentication Order” on page 15.

To configure a remote user template account, see “Creating a Remote Template Account” on page 19.

To configure local user template accounts, see “Creating a Local Template Account” on page 20.

Table 11: Setting Up RADIUS Authentication

Task

J-Web Configuration Editor

Navigate to the System level in the

1.

In the J-Web interface, select

configuration hierarchy.

 

Configuration>View and Edit>Edit

 

 

Configuration.

 

2.

Next to System, click Configure or

 

 

Edit.

CLI Configuration Editor

From the [edit] hierarchy level, enter

edit system

Add a new RADIUS server

1.

In the Radius server box, click Add

 

 

new entry.

 

2.

In the Address box, type the IP

 

 

address of the RADIUS server:

 

 

172.16.98.1

Set the IP address of the RADIUS server:

set radius-server address 172.16.98.1

Specify the shared secret (password) of the RADIUS server. The secret is stored as an encrypted value in the configuration database.

Specify the source address to be included in the RADIUS server requests by the router. In most cases, you can use the loopback address of the router.

In the Secret box, type the shared secret of

Set the shared secret of the RADIUS

the RADIUS server:

server:

Radiussecret1

set radius-server 172.16.98.1 secret

 

Radiussecret1

In the Source address box, type the

Set the router's loopback address as

loopback address of the router:

the source address:

10.0.0.1

set radius-server 172.16.98.1

 

source-address 10.0.0.1

Setting Up TACACS+ Authentication

To use TACACS+ authentication, you must configure at least one TACACS+ server.

The procedure provided in this section identifies the TACACS+ server, specifies the secret (password) of the TACACS+ server, and sets the source address of the Services Router's TACACS+ requests to the loopback address of the router. This procedure uses the following sample values:

The TACACS+ server's IP address is 172.16.98.24.

The TACACS+ server's secret is Tacacssecret1.

The loopback address of the router is 10.0.0.1.

Managing User Authentication with a Configuration Editor 13

Page 35
Image 35
Juniper Networks J-Series manual Setting Up TACACS+ Authentication, Setting Up Radius Authentication