 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
You can use RADIUS authentication to specify a level of commands that a user is allowed. If you do not configure RADIUS authentication for the console or virtual terminals, all users who successfully log in are automatically granted Level 1 access.
The vendor-specific attribute (VSA) Admin-Auth-Level supports the levels of access shown in Table 53. In addition to VSA access level support, the software provides access to levels 1 and 10 through the Initial-Auth-Level in the standard RADIUS Service-Type attribute. If the RADIUS Service-Type attribute is included in the RADIUS Access-Accept message, the standard attribute overrides any VSA setting.
If you are using the RADIUS Service-Type attribute to assign access levels, the system sets the Initial-Auth-Level as follows:
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |