Chapter 1: Managing User Authentication and Access

Configuring Authentication Order

The procedure provided in this section configures the Services Router to attempt user authentication with the local password first, then with the RADIUS server, and finally with the TACACS+ server.

To configure authentication order:

1.Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.

2.Perform the configuration tasks described in Table 13 on page 15.

3.If you are finished configuring the network, commit the configuration.

To completely set up RADIUS or TACACS+ authentication, you must configure at least one RADIUS or TACACS+ server and create user template accounts.

4.Go on to one of the following procedures:

To configure a RADIUS server, see “Setting Up RADIUS Authentication” on page 12.

To configure a TACACS+ server, see “Setting Up TACACS+ Authentication” on page 13.

To configure a remote user template account, see “Creating a Remote Template Account” on page 19.

To configure local user template accounts, see “Creating a Local Template Account” on page 20.

Table 13: Configuring Authentication Order

Task

J-Web Configuration Editor

Navigate to the System level in

1.

In the J-Web interface, select

the configuration hierarchy.

 

Configuration>View and Edit>Edit

 

 

Configuration.

 

2.

Next to System, click Configure or Edit.

CLI Configuration Editor

From the [edit] hierarchy level, enter

edit system

Add RADIUS authentication to

1.

In the Authentication order box, click Add

Insert the radius statement in the

the authentication order.

 

new entry.

authentication order:

 

2.

In the list, select radius.

insert system authentication-order radius

 

 

 

 

3.

Click OK.

after password

Add TACACS+ authentication to

1.

In the Authentication Order box, click Add

Insert the tacplus statement in the

the authentication order.

 

new entry.

authentication order:

 

2.

In the list, select tacplus.

insert system authentication-order tacplus

 

 

 

 

3.

Click OK.

after radius

Managing User Authentication with a Configuration Editor 15

Page 37
Image 37
Juniper Networks J-Series Configuring Authentication Order, Insert system authentication-order radius, After password