Example: Subscriber Secure Policy Mirroring Using DTCP

This example shows a subscriber secure policy mirroring configuration that uses DTCP. The configuration captures and sends information for a subscriber and to a mediation device defined on the DTCP server.

system {ports {console log-out-on-disconnect;}login {class ft-class {permissions flow-tap-operation;}user ft-user1 {uid 2000;class ft-class;authentication {encrypted-password"yourSecret";}}}services {flow-tap-dtcp {ssh;}dhcp-local-server {pool-match-order {external-authority;ip-address-first;option-82;}authentication {password myPassword;username-include {user-prefix JDOE;}}group northeast42 {interface ge-1/0/0.100;}}}}chassis {fpc 0 {pic 1 {tunnel-services {bandwidth 1g;}}}}interfaces {ge-1/0/0 {flexible-vlan-tagging;unit 100 {proxy-arp;vlan-id 100;family inet {unnumbered-address lo0.0 preferred-source-address192.168.22.2;}}}lo0 {unit 0 {family inet {address 192.168.22.2/32;}}}}snmp {community madrid {authorization read-only;clients {192.168.30.225/32;}}trap-group madrid {version v2;targets {192.168.30.225;}}}access {radius-server {192.1168.11.178 secret "yourRadiusSecret-1"; SECRET-DATA192.168.30.225 {port 1812;secret "yourRadiusSecret-2";}}profile myProf2 {authentication-order radius;radius {authentication-server 192.168.30.225;accounting-server 192.168.11.178;}}address-assignment {pool poolA {family inet {network 192.168.22.0/8;range limited {low 192.168.22.10;high 192.168.22.254;}}}}}services {radius-flow-tap {traceoptions {file myFile10;}source-ipv4-address 192.168.100.1;interfaces {vt-1/1/10.0;}}}

Related Topics

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.