[Contents] [Prev] [Next] [Index] [Report an Error]

profile

Syntax

profile profile-name {
authentication-order [ authentication-methods ];
accounting {
accounting-stop-on-access-deny;
accounting-stop-on-failure;
order [ accounting-method ];
statistics (time);
update-interval minutes;
}
authentication-order [ authentication-method ]
client client-name {
chap-secret chap-secret;
group-profile profile-name;
ike {
allowed-proxy-pair {
remote remote-proxy-address local local-proxy-address;
}
pre-shared-key (ascii-text character-string | hexadecimal hexadecimal-digits);
ike-policy policy-name;
interface-id string-value;
}
l2tp {
interface-id interface-id;
lcp-renegotiation;
local-chap;
maximum-sessions-per-tunnel number;
multilink {
drop-timeout milliseconds;
fragmentation-threshold bytes;
}
ppp-authentication (chap | pap);
ppp-profile profile-name;
shared-secret shared-secret;
}
pap-password pap-password;
ppp {
cell-overhead;
encapsulation-overhead bytes;
framed-ip-address ip-address;
framed-pool framed-pool;
idle-timeout seconds;
interface-id interface-id;
keepalive seconds;
primary-dns primary-dns;
primary-wins primary-wins;
secondary-dns secondary-dns;
secondary-wins secondary-wins;
}
user-group-profile profile-name;
}
radius {
authentication-server [ ip-address ];
accounting-server [ ip-address ];
options {
accounting-session-id-format (decimal | description);
ethernet-port-type-virtual;
interface-description-format (adapter | sub-interface);
nas-identifier identifier-value;
nas-port-extended-format {
adapter-width width;
port-width width;
slot-width width;
stacked-vlan-width width;
vlan-width width;
}
override-nas-information;
revert-interval interval;
vlan-nas-port-stacked-format;
}
attributes {
ignore {
framed-ip-netmask;
input-filter;
logical-system-routing-instance;
output-filter;
}
exclude
accounting-authentic [ accounting-on | accounting-off ];
accounting-delay-time [ accounting-on | accounting-off ];
accounting-session-id [ access-request | accounting-on | accounting-off | accounting-stop ];
accounting-terminate-cause [ accounting-off ];
called-station-id [ access-request | accounting-start | accounting-stop ];
calling-station-id [ access-request | accounting-start | accounting-stop ];
class [ accounting-start | accounting-stop ];
dhcp-gi-address [ access-request | accounting-start | accounting-stop ];
dhcp-mac-address [ access-request | accounting-start | accounting-stop ];
output-filter [ accounting-start | accounting-stop ];
event-timestamp [ accounting-on | accounting-off | accounting-start | accounting-stop ];
framed-ip-address [ accounting-start | accounting-stop ];
framed-ip-netmask [ accounting-start | accounting-stop ];
input-filter [ accounting-start | accounting-stop ];
input-gigapackets [ accounting-stop ];
input-gigawords [ accounting-stop ];
interface-description [ access-request | accounting-start | accounting-stop ];
nas-identifier [ access-request | accounting-on | accounting-off | accounting-start | accounting-stop ];
nas-port [ access-request | accounting-start | accounting-stop ];
nas-port-id [ access-request | accounting-start | accounting-stop ];
nas-port-type [ access-request | accounting-start | accounting-stop ];
output-gigapackets [ accounting-stop ];
output-gigawords [ accounting-stop ];
}
}
}
radius-server server-address {
accounting-port port-number;
port port-number;
retry attempts;
routing-instance routing-instance-name;
secret password;
source-address source-address;
timeout seconds;
}
}

Hierarchy Level

[edit access]

Release Information

Statement introduced before JUNOS Release 7.4.

Description

Configure PPP CHAP, or a profile and its subscriber access, L2TP, or PPP properties.

Options

profile-name—Name of the profile.

For CHAP, the name serves as the mapping between peer identifiers and CHAP secret keys. This entity is queried for the secret key whenever a CHAP challenge or response is received.

The remaining statements are explained separately.

Usage Guidelines

See Configuring the Point-to-Point Protocol, Configuring the Profile, Configuring L2TP Properties for a Profile, Configuring the PPP Properties for a Profile, and Managing Subscriber Access.

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.

[Contents] [Prev] [Next] [Index] [Report an Error]

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.