 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
The router uses an access profile to verify extended authentication (XAuth) for remote users trying to access a virtual private network (VPN) tunnel. Before you configure XAuth as part of the IKE gateway, you must configure an access profile for remote users. You refer to this access profile from the IKE gateway configuration. When you configure an access profile for XAuth, you must specify RADIUS as the type of authentication server (authentication-order radius).
The following sample commands create an access profile called xauth that sets RADIUS as the authentication method and specifies the IP address of the RADIUS server, the number of the port on which to contact the server (1812 by default), and the secret password shared between the router and the server:
- user@host# set access profile xauth authentication-order
radius
- user@host# set access profile xauth radius-server 10.157.90.244
port 1812
- user@host# set access profile xauth radius-server 10.157.90.244
secret “ $9
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |