Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

ignore (RADIUS Attributes)

 

Syntax

Hierarchy Level

Release Information

Statement introduced in Junos OS Release 9.1.

Statement introduced in Junos OS Release 9.1 for EX Series switches.

idle-timeout, session-timeout, standard-attribute, vendor-attribute, and vendor-id options added in Junos OS Release 18.1R1.

Description

Configure the router or switch to ignore the specified attributes in RADIUS Access-Accept messages. Standard attributes and VSAs received in RADIUS messages take precedence over internally provisioned attribute values. Ignoring the attributes enables your internally provisioned values to be used instead. Contrast this behavior with that provided by the exclude statement.

Starting in Junos OS Release 18.1R1, you can specify RADIUS standard attributes with the attribute number. You can specify vendor-specific attributes (VSAs) with the IANA-assigned vendor ID and the VSA number. With this flexible configuration method, you can configure any standard attribute and VSA supported by your platform to be ignored. The configuration has no effect if you can configure unsupported attributes, vendors, and VSAs.

The legacy method allows you to configure only those attributes and VSAs for which the statement syntax includes a specific option. Consequently, you can use the legacy method to ignore only a subset of all attributes that can be received in Access-Accept messages.

Options

dynamic-iflset-nameIgnore Juniper Networks VSA 26-130, Qos-Set-Name.
framed-ip-netmaskIgnore RADIUS attribute 9, Framed-IP-Netmask.
idle-timeoutIgnore RADIUS attribute 28, Idle-Timeout.
input-filterIgnore Juniper Networks VSA 26-10, Ingress-Policy-Name.
logical-system-routing-instanceIgnore Juniper Networks VSA 26-1.
output-filterIgnore Juniper Networks VSA 26-11, Egress-Policy-Name.
session-timeoutIgnore RADIUS attribute 27, Session-Timeout.
standard-attribute numberRADIUS standard attribute number supported by your platform. You can enclose multiple values in square brackets to specify a list of attributes. If you configure an unsupported attribute, that configuration has no effect.

Range: 1 through 255

vendor-attribute vsa-numberNumber identifying a VSA belonging to the specified vendor; both must be supported by your platform. You can enclose multiple values in square brackets to specify a list of VSAs. If you configure an unsupported VSA, that configuration has no effect.

Range: 1 through 255

vendor-id id-numberIANA vendor ID supported by your platform. If you configure an unsupported vendor ID, that configuration has no effect.

Range: 1 through 16777215

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.