Configuring an AAA Merit RADIUS server

This section describes how to configure the clients, dictionary, users, and vendors configuration files on an authentication, authorization, and accounting (AAA) Merit RADIUS server. To do so, follow these steps:

1. Modify the RADIUS server ‘client’ configuration file as follows:

   junoscope.server.name   secret        type=Juniper:nas
   

   Replace junoscope.server.name with the name of the JUNOscope software server to which you want users to log in. Replace secret with the shared secret between the RADIUS server and the client. The Network Access Server (NAS) type is Juniper.

2. Modify the RADIUS server ‘dictionary’ configuration file as follows:

   # Juniper Extensions
   Juniper.attr    Juniper-Local-User-Name         1       string (1, 0)
   

   Where Juniper-Local-User-Name is a RADIUS vendor-specific attribute used by Juniper Networks.

3. Modify the RADIUS server 'users' configuration file used to maintain the permitted users list. For example, to add user 'edward' with password 'edward' and local user template 'fritz', change the 'users' configuration file as follows:

   edward Password = "edward"
           Juniper:Juniper-Local-User-Name = "fritz"
   

   The Juniper:Juniper-Local-User-Name is optional.

4. Modify the RADIUS server ‘vendors’ configuration file as follows:

   Juniper.attr Juniper.value 2636 Juniper
   

   The Juniper Networks RADIUS Vendor ID attribute is 2636.

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.