Help CenterUser GuideGetting Started
 
X
User Guide
Getting Started
Contents

UAC Settings Configuration Page Options

Procedure

  1. Select Configure>Authentication>UAC Settings in the J-Web user interface if you are using SRX5400, SRX5600, or SRX5800 platforms.

    Or

    Select Configure>Authentication>UAC Settings in the J-Web user interface.

    The UAC Settings configuration page appears.

  2. (Junos OS Release 19.1R1 and later releases) Select Configure>Users>UAC Settings in the J-Web user interface.

    The UAC Settings configuration page appears. Table 1 explains the contents of this page.

  3. Click one:
    • Add or +—Adds a new Infranet Controller. Enter information as specified in Table 1.

    • Edit or /—Edits the selected Infranet Controller configuration.

    • Delete or X—Deletes the selected Infranet Controller configuration.

  4. Click one:
    • OK/Save—Saves the configuration and returns to the main configuration page.

    • Actions>Commit—Commits the configuration and returns to the main configuration page.

    • Cancel—Cancels your entries and returns to the main configuration page.

Table 1: Infranet Controller Configuration Details

Field FunctionAction
Global Settings

Certificate Verification

Determines whether server certificate verification is required when initiating a connection between a device and an Access Control Service in a UAC configuration.

Select the following options from the list:

  • None—Certificate verification is not required.

  • Optional—Certificate verification is not required. If the CA certificate is not specified in the ca-profile option, the commit check passes and no warning is issued.

  • Required—Certificate verification is required. If the CA certificate is not specified in the ca-profile option, an error message is displayed, and the commit check fails. Use this option to ensure strict security.

  • Warning—Certificate verification is not required. A warning message is displayed during commit check if the CA certificate is not specified in the ca-profile option.

Interval

Specifies the value in seconds that the device should expect to receive a heartbeat signal from the IC Series device.

Enter the heartbeat interval in seconds. Range: 1 through 9999.

Test Only Mode

Allows all traffic and log enforcement result.

Enable the Test Only Mode option.

Timeout

Specifies (in seconds) that the device should wait to get a heartbeat response from an IC Series UAC Appliance.

Enter the timeout in seconds. Range: 2 through 10000.

Timeout Action

Specifies the action to be performed when a timeout occurs and the device cannot connect to an Infranet Enforcer.

Select the timeout action.

Infranet Controller

Name

Specifies the name of the Infranet Controller.

Enter a name for the Infranet Controller.

IP address

Specifies an IP address for the Infranet Controller.

Enter an IP address for the Infranet Controller.

Interface

Specifies the interface used for the Infranet Controller.

Select an interface.

Password

Specifies the password to use for the Infranet Controller.

Enter the password.

CA Profiles

Specifies the preferred CA to use for the Infranet Controller. If no value is specified, then no certificate request is sent (although incoming certificates are still accepted).

Select a CA from the list in the CA Profiles column and then click the right arrow to move them to the Selected column.

Note: To deselect a CA, select the CA in the Selected column and then click the left arrow to move them to the CA Profiles column.

Port

Specifies the port number to be associated with this Infranet Controller for data traffic.

Enter a value from 1 through 65,535.

Server Certificate Subject

Specifies the subject name of the Infranet Controller certificate to match.

Enter the server certificate subject name.

Captive Portal

Captive Portal

Specifies the preconfigured security policy for captive portal on the Junos OS Enforcer.

Click + to add a captive portal.

Name

Specifies the name of the captive portal.

Enter a name for the captive portal.

Redirect Traffic

Specifies a traffic type to be redirected.

Select a traffic type.

Redirect URL

Specifies a URL to which the traffic should be redirected.

Enter the URL to which the captive portal should be directed.

Help us to improve. Rate this article.
Feedback Received. Thank You!

Ask questions in TechWiki

Check documentation in TechLibrary