Hide Navigation Pane
Show Navigation Pane
Feedback
Download
SHA1
Access Configuration Statement Hierarchy
For more information about the access hierarchy, see the following guides:
- For a list of software features within the access hierarchy that are supported on different SRX Series and J Series devices, see the Junos OS Feature Support Reference for SRX Series and J Series Devices.
- For concepts, examples, and configuration instructions that explain the features within the access hierarchy, see the Junos OS Security Configuration Guide.
- For information about access statements not explained here that are shared across Juniper Networks devices, see the Junos System Basics Configuration Guide.
access { firewall-authentication{
pass-through
{ default-profile profile-name; (ftp | http
| telnet) { banner
{ fail string; login string; success string;}}} traceoptions
{ file filename
<files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable> flag flag;} web-authentication
{ banner {
success string;} default-profile profile-name;}}access { firewall-authentication
{ pass-through
{ default-profile profile-name; (ftp | http
| telnet) { banner
{ fail string; login string; success string;}}} traceoptions
{ file filename
<files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable> flag flag;} web-authentication
{ banner {
success string;} default-profile profile-name;}} ldap-options
{ assemble {
common-name common-name;} base-distinguished-name base-distinguished-name; revert-interval seconds; search {
admin-search
{ distinguished-name distinguished-name; password password;} search-filter filter-name;}} ldap-server server-address { port port-number; retry attempts; routing-instance routing-instance-name; source-address source-address; timeout seconds;}profile
profile-name {accounting-order [ accounting-methods]; authentication-order
(ldap | password | radius | securid); client
client-name {chap-secret chap-secret; client-group
[ group-names ]; firewall-user
{ password password;}pap-password pap-password;} client-name-filter client-name { count number; domain-name domain-name; separator special-character;} ldap-options
{ assemble
{ common-name common-name;} base-distinguished-name base-distinguished-name; revert-interval seconds; search { admin-search
{ distinguished-name distinguished-name; password password;} search-filter filter-name;}} ldap-server server-address { port port-number; retry attempts; routing-instance routing-instance-name; source-address source-address; timeout seconds;} radius-options
{ revert-interval seconds;} radius-server server-address { port port-number; retry attempts; routing-instance routing-instance-name; secret password; source-address source-address; timeout seconds; } session-options
{ client-group
[group-names]; client-idle-timeout minutes; client-session-timeout minutes; }} radius-options
{ revert-interval seconds;} radius-server server-address { port port-number; retry attempts; routing-instance routing-instance-name; secret password; source-address source-address; timeout seconds; } securid-server
{ server-name configuration-file filepath; }}
