•  SRC 4.9.x Subscribers and Subscriptions Guide
  • Copyright and Trademark Information
  • Table of Contents
  • List of Figures
  • List of Tables
  •  About the Documentation
    • SRC Documentation and Release Notes
    • Audience
    • Documentation Conventions
    • Documentation Feedback
    • Requesting Technical Support
  •  Managing Subscribers and Subscriptions
    •  Overview of Subscribers and Subscriptions on a C Series Controller
      • Subscribers Overview
      • Subscriptions Overview
      •  Enterprise Subscriber and Subscription Hierarchy
        • Enterprise Subscription Hierarchy
      •  Managers Overview
        • Read Privileges
        • Management Privileges
        • Managers That Control All Retailers
    •  Subscriber Logins and Service Activation
      •  Login Events and Processes for the SRC Software
        • Login Events and Processes Overview
        • Login Events
        • Summary of the Login Process
      • Residential Subscriber Login and Processes
      •  PPP Subscriber Login and Service Activation
        • Web Login for PPP Subscribers
        • PPP Login Interactions
        • PPP Logout Interactions
      •  DHCP Subscriber Login and Service Activation
        • Interface Startup
        • Initial Login
        • Initial DHCP Login Interactions
        • DHCP Login to Subscriber Account Interactions
        • Persistent DHCP Subscriber Login Interactions
        • DHCP Subscriber Logout Interactions
      •  Static IP Subscribers
        • Single PC, IP Address Known
        • Subscriber IP Address Not Known
      •  Enterprise Subscriber Login Process
        • Interface Startup
      •  Subscriptions and Activations
        • Subscription Activation Interactions
        • Subscription Deactivation Interactions
      •  Automatic Activation at Login
        • Enterprise-Specific Remote Session Activation
    •  Configuring Subscriber-Related Properties on the SAE (SRC CLI)
      • Configuring the Length of Time MAC Addresses Remain in SAE Cache (SRC CLI)
      • Identifying a Profile for Unauthenticated Subscribers (SRC CLI)
      • Configuring Interim Accounting for Services and Subscribers (SRC CLI)
      • Avoiding Overcharges for Sessions That Time Out (SRC CLI)
      • Allowing Multiple Logins from the Same IP Address (SRC CLI)
      • Authenticating Registered Username/Password Pairs (SRC CLI)
      • Configuring Timers for Session Reactivation (SRC CLI)
    •  Classifying Interfaces and Subscribers (SRC CLI)
      •  Classification Scripts Overview
        • How Classification Scripts Work
        • Interface Classification Scripts
        • Subscriber Classification Scripts
        • DHCP Classification Scripts
        • Sharing Information Among Classification Scripts
      •  Configuring Classification Scripts Overview
        • Subscriber Classifiers
        • DHCP Classifiers
        • Interface Classifiers
        •  Classification Targets
          • Target Expressions
        •  Classification Conditions
          • Glob Matching
          • Regular Expression Matching
      • Subscriber Sessions for Services with External Policy Management
      • Configuring the SRC Software to Use an External Policy Management System (SRC CLI)
      • Classifying Interfaces (SRC CLI)
      • Interface Classification Conditions
      • Example: Managing Interfaces for Premium and Basic PPP and DHCP Subscribers
      • Example: Managing Specific Interfaces
      • Example: Managing Interfaces by Using the Interface Description
      • Classifying Subscribers (SRC CLI)
      • Subscriber Classification Conditions
      • Sending DHCP Options to the JunosE Router
      • Subscriber Classification Targets
      • Example: Subscriber Classification Scripts for Static IP Subscriber
      • Example: Subscriber Classification Scripts Using a Subscriber Group
      •  Example: Subscriber Classification Scripts for Enterprise Subscribers
        • Matching on the Interface Name
        • Matching on the Interface Alias
      • Example: Creating Router Interface Subscriber Session
      • Example: Activating Services for a Group of Subscriber Sessions
      • Classifying DHCP Subscribers (SRC CLI)
      • DHCP Classification Conditions
      • Syntax for DHCP Classification Targets
      • Selecting DHCP Parameters
      • DHCP Options Supported on the SAE
      • Creating DHCP Profiles (SRC CLI)
    •  Overview of Plug-Ins Included with the SAE
      •  How Internal Plug-Ins Work
        • Plug-In Pool
        • Event Publishers
      •  Types of Internal Plug-Ins
        • Authorization Plug-Ins
        • Tracking Plug-Ins
        • Customizing RADIUS Packets with Plug-Ins
      • Assigning DHCP Addresses to Subscribers
      • Creating and Tracking Subscriber Sessions
      • Activating and Tracking Service Sessions
    •  Configuring Internal, External, and Synchronization Plug-Ins (SRC CLI)
      • Configuring Internal Plug-Ins (SRC CLI)
      • Configuring the SAE for External Plug-Ins (SRC CLI)
      • Configuring the State Synchronization Plug-In Interface (SRC CLI)
    •  Configuring Accounting and Authentication Plug-Ins (SRC CLI)
      • Creating RADIUS Peers (SRC CLI)
      •  Types of Tracking Plug-Ins
        • RADIUS Accounting
      •  Configuring Tracking Plug-Ins (SRC CLI)
        • Configuring Flat File Accounting Plug-Ins
        • Configuring Headers for Flat File Accounting Plug-Ins
        • Configuring Basic RADIUS Accounting Plug-Ins
        • Configuring Flexible RADIUS Accounting Plug-Ins
        • Configuring Custom RADIUS Accounting-Plug-Ins
      • Log Rotation Overview
      •  Configuring Log Rotation (SRC CLI)
        • Configuring the FTP Server for Log Rotation (SRC CLI)
        • Configuring the Upload Client for Log Rotation (SRC CLI)
      • Types of Authentication Plug-Ins
      •  Configuring Authentication Plug-Ins (SRC CLI)
        • Limiting Subscribers on Router Interfaces
        • Configuring Basic RADIUS Authentication Plug-Ins
        • Configuring Flexible RADIUS Authentication Plug-Ins
        • Configuring Custom RADIUS Authentication Plug-Ins
        • Configuring LDAP Authentication Plug-Ins
      • Configuring UDP Ports for RADIUS Plug-Ins (SRC CLI)
      •  Defining RADIUS Packets for Flexible RADIUS Plug-Ins
        •  Flexible RADIUS Plug-Ins Overview
          • Using Default RADIUS Templates
          • Naming RADIUS Attribute Instances
          • Defining RADIUS Attributes
          • Standard RADIUS Attributes
          • Juniper Networks VSAs
        • Defining the Values of RADIUS Attributes
        • Configuring a RADIUS Packet Template (SRC CLI)
        •  Using Flexible RADIUS Packet Definitions
          • Setting Values in Authentication Response Packets
          • Selecting IP Address Pools Using DHCP Response Packets
      •  Configuring Event Publishers
        •  Special Types of Event Publishers
          • Configuring Service-Specific Event Publishers
          • Configuring Retailer-Specific Event Publishers
          • Configuring Virtual Router–Specific Event Publishers
        • Configuring Global and Default Retailer Event Publishers (SRC CLI)
    •  Configuring Subscribers and Subscriptions (SRC CLI)
      •  Configuring Subscribers and Subscriptions Overview
        • Specifying the Activation Order for Subscriptions
        • Inheritance of Properties and Subscriptions
      • Enabling the Subscriber and Subscription Configuration (SRC CLI)
      • Adding Subscribers (SRC CLI)
      • Adding Retailers (SRC CLI)
      • Configuring Administrative Information for Retailers (SRC CLI)
      • Adding Subscriber Folders (SRC CLI)
      • Adding Residential Subscribers (SRC CLI)
      • Configuring Administrative Information for Residential Subscribers (SRC CLI)
      • Configuring Subscriber-Level 3GPP Attributes for Gx Router Driver (SRC CLI)
      • Adding Enterprises (SRC CLI)
      • Configuring Administrative Information for Enterprise Subscribers (SRC CLI)
      • Adding Sites (SRC CLI)
      • Adding Devices as Subscribers (SRC CLI)
      • Adding Managers (SRC CLI)
      • Configuring Subscriptions (SRC CLI)
      • Configuring Accesses (SRC CLI)
  •  Redirecting Subscriber Traffic Through Redirect Server
    •  Redirecting Subscriber Traffic
      •  Traffic Redirection Overview
        • Proxy Request Management
        • HTTP Proxy and DNS
        • HTTPS Traffic Redirection Support
        • Protection Against Denial-of-Service Attacks
      • Redirect Server Redundancy
    •  Configuring Traffic Redirection (SRC CLI)
      • Configuration Statements for the Redirect Server (SRC CLI)
      • Before You Configure the Redirect Server on a C Series Controller
      • Configuring the Redirect Server (SRC CLI)
      • Configuring General Properties for the Redirect Server (SRC CLI)
      • Configuring a Connection Between the Redirect Server and the Directory (SRC CLI)
      • Defining Traffic to Transmit to the Redirect Server (SRC CLI)
      • Changing the Number of Requests That the Redirect Server Accepts (SRC CLI)
      • Specifying Extensions for Files That the Redirect Server Accepts (SRC CLI)
      • Verifying Configuration for the Redirect Server (SRC CLI)
      • Enabling the Redirect Server
      • Configuring the DNS Server for the Redirect Server (SRC CLI)
      • Configuring the Redirect Server to Support HTTP Proxies (SRC CLI)
      • Configuring Redirect Server to Support HTTPS Traffic (SRC CLI)
      • Before You Configure Redundancy for a Redirect Server
      • Configuring a Redundant Redirect Server (SRC CLI)
      • Configuring Logging for the Redirect Server
      • Changing the Configuration for the Redirect Server
      • Assessing Load for Redirect Server (C-Web Interface)
  •  Integrating Junos OS VPNs into an SRC Configuration
    •  Adding VPNs from Devices Running Junos OS (SRC CLI)
      • Before You Add a Junos OS VPN to the SRC Configuration
      • Configuration Statements for Adding VPNs and Extranet Clients
      • Adding VPNs for Retailers and Enterprises
      • Verifying and Updating Configuration of Extranets for VPNs
      • Locating and Removing Inactive Subscriptions to a VPN
  •  Index
    • Index

A

access lines    1

description    1, 2

accesses    

configuring subscriptions    

SRC CLI

accounting    

basic RADIUS accounting plug-in

custom RADIUS accounting plug-ins

flat file accounting plug-ins

flexible RADIUS accounting plug-ins

anonymous subscriber

attributes    

RADIUS accounting

authenticated subscriber

authentication plug-ins    

configuring

types

authorization plug-ins    

configuring

types

B

basic RADIUS accounting plug-in    1

configuring    

SRC CLI

basic RADIUS authentication plug-in    1

configuring    

SRC CLI

C

captive portal    

preventing access to resources

classification scripts    

conditions    1

glob matching

joining

regular expression matching

configuring    

C-Web interface

descriptions

DHCP classification, C Series Controller    

conditions

configuring, SRC CLI

description

targets

interface classification, C Series Controller    

conditions

configuring, SRC CLI

description

empty policy    1, 2

examples

how it works

targets

structure    

C-Web interface

subscriber classification, C Series Controller    

condition

configuring, SRC CLI

description

DHCP options

enterprise subscriber example

how it works

static IP subscriber example

subscriber group example

targets

target, C Series Controller    

definition

expressions

types

component interactions    

DHCP    

initial login

persistent login

subscriber account login

subscriber logout

enterprise subscribers    

login

remote session activation

PPP    

login

logout

static IP subscribers

subscription activation

subscription deactivation

conventions    

notice icons

text

COPS (Common Open Policy Service)    

DHCP interactions    

initial login

logout

persistent login

subscriber account login

interface startup interactions

PPP interactions    

login

logout

static IP subscriber interactions

subscription activation interactions

subscription deactivation interactions

custom RADIUS accounting plug-ins    1

configuring    

SRC CLI

custom RADIUS authentication plug-ins    1

configuring    

SRC CLI

customer support    1

contacting JTAC

D

default retailer authentication plug-ins    

configuring    

SRC CLI

default retailer DHCP authentication plug-ins    

configuring    

SRC CLI

denial-of-service attacks

DHCP (Dynamic Host Configuration Protocol)    

address assignment

classification scripts.     See classification scripts    

options

profiles    

SRC CLI

subscribers    

login process

logout process

documentation    

comments on

E

enterprise    

description

enterprise subscribers    1

adding    

SRC CLI

enterprise subscribers, login process

event publishers    

configuring    

SRC CLI

default retailer authentication, configuring    

SRC CLI

default retailer DHCP authentication, configuring    

SRC CLI

description

retailer-specific

service-specific

virtual router-specific

external plug-ins    

configuring    

SRC CLI

F

file upload settings for log rotation    

configuring    

SRC CLI

flat file accounting plug-ins    1

configuring    

SRC CLI

configuring headers    

SRC CLI

flexible RADIUS accounting plug-ins    1

attributes, defining    

C-Web interface

configuring

RADIUS packets, defining

flexible RADIUS authentication plug-ins    1

attributes, defining    

C-Web interface

examples

configuring    

SRC CLI

RADIUS packets, defining    

SRC CLI

setting responses    

C-Web interface

FTP server for log rotation    

configuring    

SRC CLI    1, 2

G

general properties    

configuring    

SRC CLI

H

HTTP proxy    1, 2

HTTPS traffic

I

interface classification scripts.     See classification scripts    

interim accounting, configuring on SAE

internal plug-ins    

configuring    

SRC CLI

L

LDAP authentication plug-in    1

configuring    

SRC CLI

limiting subscribers plug-in    1

configuring    

SRC CLI

log rotation    

overview    

SRC CLI

logging    

redirect server

login events, description

login process    

enterprise

residential    1, 2,  See also logout process, residential    

DHCP

PPP

summary

login registration    

configuring    

SRC CLI

logout process, residential    

DHCP

M

managers    

configuring    

SRC CLI

control over all retailers

management privileges

subscribers and subscriptions

manuals    

comments on

N

NAT (Network Address Translation)    

VPNs

notice icons

P

plug-ins    

activating service sessions

authentication    

configuring

authorization    

configuring

basic RADIUS accounting    1

configuring, SRC CLI

basic RADIUS authentication    1

configuring, SRC CLI

creating subscriber sessions

custom RADIUS accounting    1

configuring, SRC CLI

custom RADIUS authentication    1

configuring, SRC CLI

defining RADIUS packets    

SRC CLI

DHCP address assignment

event publishers.     See event publishers    

external    

configuring, SRC CLI

flat file accounting    1

configuring, SRC CLI

flexible RADIUS accounting    1

configuring

flexible RADIUS authentication    1

configuring, SRC CLI

internal    1

authorization

configuring RADIUS peers, SRC CLI

configuring, SRC CLI

customizing RADIUS packets

how they work

pool

RADIUS attributes, C-Web interface

tracking

LDAP authentication    1

configuring, SRC CLI

limiting subscribers    1

configuring, SRC CLI

state synchronization    

configuring, SRC CLI

tracking    

configuring, C-Web interface

service sessions

subscriber sessions

policy groups    

empty    1, 2

policy management    

external policy system    1, 2

PPP subscribers    

login process

Web login

prevention, use of unauthorized resources

protocols    

routing

proxy HTTP    1, 2

proxy request management

public addresses, VPNs

Q

QoS tracking plug-in

R

RADIUS accounting    

attributes

description

RADIUS attributes    

defining in RADIUS plug-ins    

C-Web interface

examples, defining in RADIUS plug-ins    

C-Web interface

RADIUS client library, custom RADIUS plug-ins

RADIUS packets, customizing in plug-ins

RADIUS peers    

configuring in plug-ins    

SRC CLI

RADIUS plug-ins    1,  See also plug-ins    

authentication

UDP port

redirect server    

assessing load    

C-Web interface

configuration statements    

SRC CLI

configuring    

SRC CLI

configuring DNS server for    

SRC CLI

configuring HTTP proxy support    

SRC CLI

configuring redundant    

SRC CLI

directory connection    

SRC CLI

failover

file extensions    

SRC CLI

logging

number of requests    

SRC CLI

protection against denial-of-service attacks

redundancy    1, 2, 3

static route to router

traffic definition    

SRC CLI

verifying    

SRC CLI

redundancy    

redirect server

residential subscribers    1

adding    

SRC CLI

login process.     See login process    

retailers    

subscribers    1

adding, SRC CLI

router subscribers    1

adding    

SRC CLI

routing instances    

VPNs

routing scheme

S

SAE (service activation engine)    

classification scripts.     See classification scripts    

login events

login process.     See login process    

SAE (service activation engine), configuring    

interim accounting    

SRC CLI

login registration    

SRC CLI

multiple logins from same IP address    

SRC CLI

reduce reported session time    

SRC CLI

session reactivation timers    

SRC CLI

time for MAC address in cache    

SRC CLI

unauthenticated user DN    

SRC CLI

service activation engine.     See SAE    

service sessions    

activate-on-login    1, 2

activating and tracking

activating with Web application

enterprise, remote activation

sites    1, 2, 3

subscriber    1

adding, SRC CLI

state synchronization plug-in interface    

configuring    

SRC CLI

static IP subscribers, login process

static routing

subscriber classification scripts.     See classification scripts    

subscriber folders    1

adding    

SRC CLI

subscriber sessions    

activating with Web application

creating and tracking

enterprise, creating and activating

subscribers    

3gpp attributes (Gx router driver)    

configuring, SRC CLI

adding    

SRC CLI

enterprise    1

adding, SRC CLI

inheriting properties

inheriting subscriptions

residential    1

adding, SRC CLI

retailer    1

adding, SRC CLI

router    1

adding, SRC CLI

sessions

sites    1

adding, SRC CLI

types

subscriptions    1

access, configuring    

SRC CLI

an orderly deactivation, activation order, specifying    

SRC CLI

configuring    

SRC CLI

multiple per subscriber

support, technical     See technical support    

T

targets.     See classification scripts    

technical support    

contacting JTAC

text conventions defined

tracking plug-ins    1

configuring    

C-Web interface

U

UDP ports    

RADIUS plug-ins

User Datagram Protocol.     See UDP    

V

validating    

VPNs

virtual private networks.     See VPNs    

VPNs (virtual private networks)    

adding    

SRC CLI

configuration requirements

configuration statements

extranet clients, modifying    

SRC CLI

invalid subscriptions

modifying

routing schemes

using NAT

validating