Statement introduced in Release
9.4 of JUNOS software.
Description
Define Unified Access Control (UAC) tracing options.
Use this statement when you are configuring the SRX-series device
to act as a JUNOS Enforcer in a Unified Access Control (UAC) deployment.
When deployed as a JUNOS Enforcer, the SRX-series device enforces
the policies that are defined on the UAC’s Infranet Controller.
This statement is supported on SRX-series devices.
Options
flag—Trace operation to perform.
To specify more than one trace option, include multiple flag statements.
all—Trace with all flags enabled
config—Trace configuration information
for all UAC-related configurations. This includes all configuration
controlled through the unified-access-control statements
at the edit services hierarchy level. It also includes other
standard JUNOS configurations required for UAC enforcement such as
zones, policies, and interfaces.
connect—Trace communications between the
JUNOS Enforcer and the Infranet Controller, including SSL handshakes
and timeouts.
ipc—Trace inter-process communications.
Use this option to trace communications between the Routing Engine
(RE) and the UACD enforcement plugin inside the Packet Forwarding
Engine (PFE).
Usage Guidelines
For configuration instructions and examples,
see the JUNOS Software Security Configuration Guide.
Required Privilege Level
services—To view this statement
in the configuration.
services-control—To
add this statement to the configuration.
