[Contents] [Prev] [Next] [Index] [Report an Error]

[edit access] Hierarchy Level

access {
address-assignment {
pool pool-name family inet {
dhcp-attributes {
boot-file filename;
boot-server hostname;
domain-name domain-name;
grace-period seconds;
maximum-lease-time (seconds | infinite);
name-server {
address;
}
netbios-node-type (b-node | h-node | m-node | p-node);
option option-index (array type-name [ type-values ] | byte 8-bit-value | flag (false | off | on | true) | integer signed-32-bit-value | ip-address address | short signed-16-bit-value | string text-string | unsigned-integer 32-bit-value | unsigned-short 16-bit-value);
option-match {
option-82 {
circuit-id id-number range range-name;
remote-id id-number range range-name;
}
}
router {
address;
}
tftp-server hostname;
wins-server {
address;
}
}
host hostname {
hardware-address mac-address;
ip-address ip-address;
}
network ip-prefix</prefix-length>;
range name {
low lower-limit high upper-limit;
}
}
}
address-pool name {
address address-or-prefix value;
address-range low lower-limit high upper-limit;
primary-dns primary-dns;
primary-wins primary-wins;
secondary-dns secondary-dns;
secondary-wins secondary-wins;
}
firewall-authentication {
pass-through {
default-profile profile-name;
(ftp | http | telnet) {
banner {
fail message-text;
login message-text;
success message-text;
}
}
}
traceoptions {
file filename <files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable>;
flag flag;
no-remote-trace;
}
web-authentication {
banner {
success message-text;
}
default-profile profile-name;
}
}
group-profile group-profile-name {
l2tp {
interface-id interface-identifier;
lcp-renegotiation;
local-chap;
maximum-sessions-per-tunnel number;
multilink {
drop-timeout time;
fragmentation-threshold bytes;
}
}
ppp {
cell-overhead;
encapsulation-overhead bytes;
framed-pool pool-identifier;
idle-timeout seconds;
interface-id interface-identifier;
keepalive seconds;
primary-dns primary-dns;
primary-wins primary-wins;
secondary-dns secondary-dns;
secondary-wins secondary-wins;
}
}
ldap-options {
assemble {
common-name name;
}
base-distinguished-name name;
revert-interval seconds;
search {
admin-search {
distinguished-name name;
password password;
}
search-filter filter-name;
}
}
ldap-server server-address {
port port-number;
retry attempts;
routing-instance routing-instance-name;
source-address address;
timeout seconds;
}
profile profile-name {
... profile-configuration ...
}
radius-disconnect {
client-address {
secret password;
}
}
radius-disconnect-port port-number;
radius-options {
revert-interval seconds;
}
radius-server server-address {
accounting-port number;
port number;
retry number;
routing-instance routing-instance-name;
secret password;
source-address address;
timeout seconds;
}
securid-server {
server-name configuration-file filename;
}
profile profile-name {
accounting {
accounting-stop-on-access-deny;
accounting-stop-on-failure;
order [ accounting-method ];
statistics (time | volume-time);
update-interval minutes;
}
accounting-order radius;
authentication-order (ldap | password | radius | securid);
client client-name {
chap-secret chap-secret;
client-group [ group-names ];
firewall-user {
password password;
}
group-profile profile-name;
ike {
allowed-proxy-pair {
local local-proxy-address remote remote-proxy-address;
}
ike-policy policy-name;
initiate-dead-peer-detection;
interface-id interface-id;
pre-shared-key (ascii-text key-string | hexadecimal key-string);
}
l2tp {
interface-id interface-identifier;
lcp-renegotiation;
local-chap;
maximum-sessions-per-tunnel number;
multilink {
drop-timeout time;
fragmentation-threshold bytes;
}
ppp-authentication (chap | pap);
ppp-profile profile-name;
shared-secret shared-secret;
}
pap-password pap-password;
ppp {
cell-overhead;
encapsulation-overhead bytes;
framed-ip-address ip-address;
framed-pool framed-pool;
idle-timeout seconds;
interface-id interface-identifier;
keepalive seconds;
primary-dns primary-dns;
primary-wins primary-wins;
secondary-dns secondary-dns;
secondary-wins secondary-wins;
}
user-group-profile profile-name;
}
client-name-filter client-name {
count number;
domain-name domain-name;
separator special-character;
}
ldap-options {
assemble {
common-name name;
}
base-distinguished-name name;
revert-interval seconds;
search {
admin-search {
distinguished-name name;
password password;
}
search-filter filter-name;
}
}
ldap-server server-address {
port port-number;
retry attempts;
routing-instance routing-instance-name;
source-address address;
timeout seconds;
}
radius {
accounting-server [ ip-address ];
attributes {
... attributes-configuration ...
}
authentication-server [ ip-address ];
options {
accounting-session-id-format (decimal | description);
ethernet-port-type-virtual;
interface-description-format (adapter | sub-interface);
nas-identifier identifier-value;
nas-port-extended-format {
adapter-width width;
port-width width;
slot-width width;
stacked-vlan-width width;
vlan-width width;
}
revert-interval interval;
vlan-nas-port-stacked-format;
}
attributes {
exclude {
accounting-authentic [ accounting-on | accounting-off ];
accounting-delay-time [ accounting-on | accounting-off ];
accounting-session-id [ access-request | accounting-on | accounting-off | accounting-stop ];
accounting-terminate-cause [ accounting-off ];
called-station-id [ access-request | accounting-start | accounting-stop ];
calling-station-id [ access-request | accounting-start | accounting-stop ];
class [ accounting-start | accounting-stop ];
dhcp-gi-address [ access-request | accounting-start | accounting-stop ];
dhcp-mac-address [ access-request | accounting-start | accounting-stop ];
dhcp-options [ access-request | accounting-start | accounting-stop ];
event-timestamp [ accounting-on | accounting-off | accounting-start | accounting-stop ];
framed-ip-address [ accounting-start | accounting-stop ];
framed-ip-netmask [ accounting-start | accounting-stop ];
input-filter [ accounting-start | accounting-stop ];
input-gigapackets [ accounting-stop ];
input-gigawords [ accounting-stop ];
interface-description [ access-request | accounting-start | accounting-stop ];
nas-identifier [ access-request | accounting-on | accounting-off | accounting-start | accounting-stop ];
nas-port [ access-request | accounting-start | accounting-stop ];
nas-port-id [ access-request | accounting-start | accounting-stop ];
nas-port-type [ access-request | accounting-start | accounting-stop ];
output-filter [ accounting-start | accounting-stop ];
output-gigapackets [ accounting-stop ];
output-gigawords [ accounting-stop ];
}
ignore {
framed-ip-netmask;
input-filter;
logical-system-routing-instance;
output-filter;
}
}
}
radius-options {
revert-interval seconds;
}
radius-server server-address {
accounting-port number;
port number;
retry number;
routing-instance routing-instance-name;
secret password;
source-address address;
timeout seconds;
}
session-options {
client-group [ group-names ];
client-idle-timeout minutes;
client-session-timeout minutes;
}
}
}
[Contents] [Prev] [Next] [Index] [Report an Error]

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.