Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 
  
[+] Expand All
[-] Collapse All

Configuring Dictionaries for the SIC Group (SRC CLI)

You can add new attributes or modify the current attributes in an SIC dictionary. To add or modify an attribute in a dictionary, specify the unique name of the attribute and configure the RADIUS properties of the attribute.

Note: To create a new dictionary, we recommend that you work with Juniper Networks Technical Support.

Use the following statements to configure attributes in an SIC dictionary:

shared sic group identifier dictionary id
shared sic group identifier dictionary id attribute id
shared sic group identifier dictionary id attribute id radius { type type; format (one-byte-integer | integer | eight-byte-integer | string | ipv4-address | ipv6-address | time | octets); vendor-id vendor-id; encrypt; salt-encrypt; tagged; sensitive; }
shared sic group identifier dictionary id attribute id radius constant constant-name {constant-value;}

To add or modify attributes in an SIC dictionary:

  1. From configuration mode, access the statement that specifies the unique name for the dictionary. This sample procedure uses group1 as the group identifier and dic1 as the dictionary identifier.
    [edit]user@host# edit shared sic group group1 dictionary dic1
  2. Specify the unique name for the attribute you want to add or modify in the dictionary.
    [edit shared sic group group1 dictionary dic1]user@host# edit attribute id
  3. Specify that the attribute is a RADIUS attribute.
    [edit shared sic group group1 dictionary dic1 attribute id]user@host# edit radius
  4. Specify the attribute type.
    [edit shared sic group group1 dictionary dic1 attribute attribute1 radius]user@host# set type type
  5. Specify the format of the RADIUS attribute.
    [edit shared sic group group1 dictionary dic1 attribute attribute1 radius]user@host# set format (one-byte-integer | integer | eight-byte-integer | string | ipv4-address | ipv6-address | time | octets)

    where:

    • one-byte-integer—Attribute value is an 8-bit unsigned integer.
    • integer—Attribute value is a 32-bit unsigned integer.
    • eight-byte-integer—Attribute value is a 64-bit unsigned integer.
    • string—Attribute value is a string.
    • ipv4-address—Attribute value is an IPv4 address.
    • ipv6-address—Attribute value is an IPv6 address.
    • time—Attribute value is a 32-bit unsigned value, with the most significant octet appearing first. The value is equal to the number of seconds since 00:00:00 UTC, January 1, 1970.
    • octets—Attribute value consists of raw bytes.
  6. (Optional) Specify the vendor ID for the attribute.
    [edit shared sic group group1 dictionary dic1 attribute attribute1 radius]user@host# set vendor-id vendor-id
  7. (Optional) Specify whether the attribute should be encrypted without the salt.
    [edit shared sic group group1 dictionary dic1 attribute attribute1 radius]user@host# set encrypt
  8. (Optional) Specify whether the attribute should be encrypted with the salt.
    [edit shared sic group group1 dictionary dic1 attribute attribute1 radius]user@host# set salt-encrypt
  9. (Optional) Specify whether the RADIUS attribute is tagged.
    [edit shared sic group group1 dictionary dic1 attribute attribute1 radius]user@host# set tagged
  10. (Optional) Specify whether the RADIUS attribute carries sensitive data, so its value will not be logged.
    [edit shared sic group group1 dictionary dic1 attribute attribute1 radius]user@host# set sensitive
  11. (Optional) Specify the name and value of the constant you want to associate with the data contained in the RADIUS attribute.
    [edit shared sic group group1 dictionary dic1 attribute attribute1 radius constant]user@host# set constant-name constant-name constant-value
  12. (Optional) If you modify an existing dictionary, you need to restart the SIC.
    user@host# restart component sic

Related Documentation

Modified: 2017-08-03