[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Configuring the JUNOS Enforcer Failover Options

To configure Infranet Controller failover processing, you must configure the JUNOS Enforcer to connect to a cluster of Infranet Controllers. The JUNOS Enforcer communicates with one of these Infranet Controllers at a time and uses the others for failover processing.

Before You Begin
  1. For background information, read Unified Access Control Overview.
  2. Enable UAC through the relevant JUNOS security policies. See Enabling Unified Access Control on SRX Series and J Series Devices
  3. Configure the SRX Series or J Series device as a JUNOS Enforcer. During the configuration, define a cluster of Infranet Controllers to which the JUNOS Enforcer should connect. See Configuring the SRX Series and J Series Devices as a JUNOS Enforcer.

This topic covers:

CLI Configuration

To configure failover processing:

  1. Specify how often (in seconds) the JUNOS Enforcer should expect a heartbeat signal from the Infranet Controller indicating an active connection:
    edit services unified-access-control interval seconds
  2. Specify the interval (in seconds) at which the JUNOS Enforcer should consider the current connection timed out:
    edit services unified-access-control timeout seconds
  3. Specify how the JUNOS Enforcer should handle all current and subsequent traffic sessions when its connection to an Infranet Controller cluster times out:
    edit services unified-access-control timeout-action (close | no-change | open)

Related Topics

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]