[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
[edit access] Hierarchy Level
- access {
-
- address-assignment {
-
- pool pool-name family inet {
-
- dhcp-attributes {
- boot-file filename;
- boot-server hostname;
- domain-name domain-name;
- grace-period seconds;
- maximum-lease-time (seconds | infinite);
-
- name-server {
-
address;
- }
- netbios-node-type (b-node | h-node | m-node | p-node);
- option option-index (array type-name [ type-values ] | byte 8-bit-value |
flag (false | off | on | true) | integer signed-32-bit-value | ip-address address | short signed-16-bit-value |
string text-string | unsigned-integer 32-bit-value | unsigned-short 16-bit-value);
-
- option-match {
-
- option-82 {
- circuit-id id-number range range-name;
- remote-id id-number range range-name;
- }
- }
-
- router {
-
address;
- }
- tftp-server hostname;
-
- wins-server {
-
address;
- }
- }
-
- host hostname {
- hardware-address mac-address;
- ip-address ip-address;
- }
- network ip-prefix</prefix-length>;
-
- range name {
- low lower-limit high upper-limit;
- }
- }
- }
-
- address-pool name {
- address address-or-prefix value;
- address-range low lower-limit high upper-limit;
- primary-dns primary-dns;
- primary-wins primary-wins;
- secondary-dns secondary-dns;
- secondary-wins secondary-wins;
- }
-
- firewall-authentication {
-
- pass-through {
- default-profile profile-name;
-
- (ftp | http | telnet) {
-
- banner {
- fail message-text;
- login message-text;
- success message-text;
- }
- }
- }
-
- traceoptions {
- file filename <files number> <match regular-expression> <size maximum-file-size> <world-readable |
no-world-readable>;
- flag flag;
- no-remote-trace;
- }
-
- web-authentication {
-
- banner {
- success message-text;
- }
- default-profile profile-name;
- }
- }
-
- group-profile group-profile-name {
-
- l2tp {
- interface-id interface-identifier;
- lcp-renegotiation;
- local-chap;
- maximum-sessions-per-tunnel number;
-
- multilink {
- drop-timeout time;
- fragmentation-threshold bytes;
- }
- }
-
- ppp {
- cell-overhead;
- encapsulation-overhead bytes;
- framed-pool pool-identifier;
- idle-timeout seconds;
- interface-id interface-identifier;
- keepalive seconds;
- primary-dns primary-dns;
- primary-wins primary-wins;
- secondary-dns secondary-dns;
- secondary-wins secondary-wins;
- }
- }
-
- ldap-options {
-
- assemble {
- common-name name;
- }
- base-distinguished-name name;
- revert-interval seconds;
-
- search {
-
- admin-search {
- distinguished-name name;
- password password;
- }
- search-filter filter-name;
- }
- }
-
- ldap-server server-address {
- port port-number;
- retry attempts;
- routing-instance routing-instance-name;
- source-address address;
- timeout seconds;
- }
-
- profile profile-name {
-
- accounting {
- accounting-stop-on-access-deny;
- accounting-stop-on-failure;
- order [ accounting-method ];
- statistics time;
- update-interval minutes;
- }
- accounting-order radius;
-
- authentication {
- order [ authentication-method ];
- }
- authentication-order (ldap | password | radius | securid);
-
- client client-name {
- chap-secret chap-secret;
- client-group [ group-names ];
-
- firewall-user {
- password password;
- }
- group-profile profile-name;
-
- ike {
-
- allowed-proxy-pair {
- local local-proxy-address remote remote-proxy-address;
- }
- ike-policy policy-name;
- initiate-dead-peer-detection;
- interface-id interface-id;
- pre-shared-key (ascii-text key-string | hexadecimal key-string);
- }
-
- l2tp {
- interface-id interface-identifier;
- lcp-renegotiation;
- local-chap;
- maximum-sessions-per-tunnel number;
-
- multilink {
- drop-timeout time;
- fragmentation-threshold bytes;
- }
- ppp-authentication (chap | pap);
- ppp-profile profile-name;
- shared-secret shared-secret;
- }
- pap-password pap-password;
-
- ppp {
- cell-overhead;
- encapsulation-overhead bytes;
- framed-ip-address ip-address;
- framed-pool framed-pool;
- idle-timeout seconds;
- interface-id interface-identifier;
- keepalive seconds;
- primary-dns primary-dns;
- primary-wins primary-wins;
- secondary-dns secondary-dns;
- secondary-wins secondary-wins;
- }
- user-group-profile profile-name;
- }
-
- client-name-filter client-name {
- count number;
- domain-name domain-name;
- separator special-character;
- }
-
- ldap-options {
-
- assemble {
- common-name name;
- }
- base-distinguished-name name;
- revert-interval seconds;
-
- search {
-
- admin-search {
- distinguished-name name;
- password password;
- }
- search-filter filter-name;
- }
- }
-
- ldap-server server-address {
- port port-number;
- retry attempts;
- routing-instance routing-instance-name;
- source-address address;
- timeout seconds;
- }
-
- radius {
- accounting-server [ ip-address ];
-
- attributes {
- ... attributes-configuration ...
- }
- authentication-server [ ip-address ];
-
- options {
- accounting-session-id-format (decimal | description);
- ethernet-port-type-virtual;
- interface-description-format (adapter | sub-interface);
- nas-identifier identifier-value;
-
- nas-port-extended-format {
- adapter-width width;
- port-width width;
- slot-width width;
- stacked-vlan-width width;
- vlan-width width;
- }
- revert-interval interval;
- vlan-nas-port-stacked-format;
- }
-
- attributes {
-
- exclude {
- accounting-authentic [ accounting-on | accounting-off ];
- accounting-delay-time [ accounting-on | accounting-off
];
- accounting-session-id [ access-request | accounting-on
| accounting-off | accounting-stop ];
- accounting-terminate-cause [ accounting-off ];
- called-station-id [ access-request | accounting-start |
accounting-stop ];
- calling-station-id [ access-request | accounting-start
| accounting-stop ];
- class [ accounting-start | accounting-stop ];
- dhcp-options [ access-request | accounting-start | accounting-stop
];
- dhcp-gi-address [ access-request | accounting-start | accounting-stop
];
- dhcp-mac-address [ access-request | accounting-start |
accounting-stop ];
- event-timestamp [ accounting-on | accounting-off | accounting-start |
accounting-stop ];
- framed-ip-address [ accounting-start | accounting-stop
];
- framed-ip-netmask [ accounting-start | accounting-stop
];
- input-filter [ accounting-start | accounting-stop ];
- input-gigapackets [ accounting-stop ];
- input-gigawords [ accounting-stop ];
- interface-description [ access-request | accounting-start |
accounting-stop ];
- nas-identifier [ access-request | accounting-on | accounting-off |
accounting-start | accounting-stop ];
- nas-port [ access-request | accounting-start | accounting-stop
];
- nas-port-id [ access-request | accounting-start | accounting-stop
];
- nas-port-type [ access-request | accounting-start | accounting-stop
];
- output-filter [ accounting-start | accounting-stop ];
- output-gigapackets [ accounting-stop ];
- output-gigawords [ accounting-stop ];
- }
-
- ignore {
- framed-ip-netmask;
- input-filter;
- logical-system-routing-instance;
- output-filter;
- }
- }
- }
-
- radius-options {
- revert-interval seconds;
- }
-
- radius-server server-address {
- accounting-port number;
- port number;
- retry number;
- routing-instance routing-instance-name;
- secret password;
- source-address address;
- timeout seconds;
- }
-
- session-options {
- client-group [ group-names ];
- client-idle-timeout minutes;
- client-session-timeout minutes;
- }
- }
-
- radius-disconnect {
-
-
client-address {
- secret password;
- }
- }
- radius-disconnect-port port-number;
-
- radius-options {
- revert-interval seconds;
- }
-
- radius-server server-address {
- accounting-port number;
- port number;
- retry number;
- routing-instance routing-instance-name;
- secret password;
- source-address address;
- timeout seconds;
- }
-
- securid-server {
-
server-name configuration-file filename;
- }
- }
[Contents]
[Prev]
[Next]
[Index]
[Report an Error]
