How RADIUS Configuration Works with JUNOScope

This section provides an overview of how JUNOScope RADIUS configuration works to enable remote users with RADIUS accounts to log in with appropriate permissions. The general sequence is as follows:

1. The RADIUS server administrator configures the RADIUS server(s) with Juniper Networks vendor-specific RADIUS attributes and user account records. (See Configuring the RADIUS Server.)
2. The RADIUS administrator ensures that all RADIUS servers are up and running.
3. The JUNOScope software administrator logs in to JUNOScope with superuser permissions, and adds the RADIUS server host information in JUNOScope. (See Setting Up RADIUS Configuration in JUNOScope.)
4. The JUNOScope administrator adds local and remote template accounts as needed in JUNOScope. (See Configuring RADIUS Local and Remote Template Accounts in JUNOScope.)
5. A user with a RADIUS account logs in to the JUNOScope software with username and password.
6. The JUNOScope software forwards a request to the RADIUS server to authenticate the user’s login name.
7. If authentication succeeds, the RADIUS server returns the local username attribute to the JUNOScope software.
8. The template account (user) set up in JUNOScope determines the user group to which the RADIUS user belongs after log in.
9. The user logs in successfully with JUNOScope permissions derived from the least restrictive permission levels of all user groups to which the user belongs.

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.