RADIUS is a distributed client/server that protects networks against unauthorized access. RADIUS clients running on a E-series router send authentication requests to a central RADIUS server.
You can access the RADIUS server through either a subscriber line or the CLI.
 |
Note: For CLI/telnet users only—For CLI security, the router supports the RADIUS Access-Challenge message. The RADIUS server uses this message to send the user a challenge requiring a response. The router then displays the single reply message and attempts to authenticate the user with the new response as the password. |
The central RADIUS server stores all the required user authentication and network access information. RADIUS informs the router of the privilege levels for which RADIUS-authenticated users have enable access. The router permits or denies enable access accordingly.
The RADIUS server is configured and managed by a RADIUS administrator. See your RADIUS server documentation for information about configuring and managing a RADIUS server.
The E-series RADIUS client uses the IP address in the router ID unless you explicitly set an IP address by using the radius update-source-addr command. See Configuring RADIUS Authentication and Accounting Servers.
To explicitly set the source address, perform the following tasks:
|
Note: For additional RADIUS information about topics such as restricting user access, vty line authentication, or SSH, see the Passwords and Security chapter in JUNOSe System Basics Configuration Guide. |
 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |