Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Firewall Authentication

    Junos OS supports the following two types of firewall user authentication:

    • Pass-through authentication—A host or a user from one zone tries to access resources on another zone. You must use an FTP, Telnet, or HTTP client to access the IP address of the protected resource and to get authenticated by the firewall. The device uses FTP, Telnet, or HTTP to collect username and password information. Subsequent traffic from the user or host is allowed or denied based on the result of this authentication.
    • Web authentication—Users try to connect, using HTTP, to an IP address on the device that is enabled for Web authentication; in this scenario, you do not use HTTP to get to the IP address of the protected resource. You are prompted for the username and password that are verified by the device. Subsequent traffic from the user or host to the protected resource is allowed or denied based on the result of this authentication.

    Table 1 lists firewall authentication features that are supported on SRX Series and J Series devices.

    Table 1: Firewall Authentication Support

    Feature

    SRX100
    SRX110
    SRX210
    SRX220
    SRX240

    SRX550
    SRX650

    SRX1400
    SRX3400
    SRX3600
    SRX5600
    SRX5800

    J Series

    Firewall authentication on Layer 2 transparent authentication

    Yes

    Yes

    Yes

    No

    LDAP authentication server

    Yes

    Yes

    Yes

    Yes

    Local authentication server

    Yes

    Yes

    Yes

    Yes

    Pass-through authentication

    Yes

    Yes

    Yes

    Yes

    RADIUS authentication server

    Yes

    Yes

    Yes

    Yes

    SecurID authentication server

    Yes

    Yes

    Yes

    Yes

    Web authentication

    Yes

    Yes

    Yes

    Yes

    Modified: 2012-08-07