Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    source-identity

    Syntax

    source-identity {[user-or-role-name];any;authenticated-user;unauthenticated-user;unknown-user;}

    Hierarchy Level

    [edit security policies from-zone zone-name to-zone zone-name policy policy-name match]

    Release Information

    Statement introduced in Junos OS Release 12.1. Statement updated in Junos OS Release 12.1X44-D10.

    Description

    Identifies users and roles to be used as match criteria for a policy. If a value other than any is specified as match criteria for a policy within a zone pair, the traffic is matched to table entries to retrieve associated user and roles before policy lookup occurs. Users and roles are retrieved from the local authentication table or from a UIT pushed to the SRX Series device from an access control service when a user is authenticated.

    The following entries specify the source identities that match a policy.

    user-or-role-name

    A list of specific users and roles.

    any

    All users and roles.

    authenticated-user

    Any user or role specified in an entry in the local authentication table or in the UIT.

    unauthenticated-user

    Any user or role that is not specified in an entry in the local authentication table or in the UIT.

    unknown-user

    Any user or role that cannot be determined because the local authentication table or UIT is not accessible, such as a system outage.

    Required Privilege Level

    security—To view this statement in the configuration.

    security-control—To add this statement to the configuration.

    Published: 2013-01-06