Technical Documentation

Access Configuration Statements

To configure access, include the following statements at the [edit access] hierarchy level:

[edit access]address-assignment {pool pool-name {family (Address-Assignment Pools) inet {network address-or-prefix </subnet-mask>;range name {high upper-limit;low lower-limit;prefix-length prefix-length;}host hostname {hardware-address mac-address;ip-address ip-address;}dhcp-attributes {[protocol-specific-attributes];}}}}address-pool pool-name {address address-or-prefix;address-range low <lower-limit> high <upper-limit>;}group-profile profile-name {l2tp {interface-id interface-id;lcp-renegotiation;local-chap;maximum-sessions-per-tunnel number;multilink {drop-timeout milliseconds;fragmentation-threshold bytes;}}ppp {cell-overhead;encapsulation-overhead bytes;framed-pool pool-id;idle-timeout seconds;interface-id interface-id;keepalive seconds; primary-dns primary-dns;primary-wins primary-wins;secondary-dns secondary-dns; secondary-wins secondary-wins;}}profile profile-name {accounting {accounting-stop-on-access-deny;accounting-stop-on-failure;coa-immediate-update;immediate-update;order [ accounting-method ];statistics (time | volume-time);update-interval minutes;}accounting-order radius;authentication-order [ authentication-methods ];client client-name {chap-secret chap-secret;group-profile profile-name; ike {allowed-proxy-pair {remote remote-proxy-address local local-proxy-address;}pre-shared-key (ascii-text character-string | hexadecimal hexadecimal-digits);ike-policy policy-name;interface-id interface-id;}l2tp {interface-id interface-id;lcp-renegotiation;local-chap;maximum-sessions-per-tunnel number;multilink {drop-timeout milliseconds;fragmentation-threshold bytes;}ppp-authentication (chap | pap);ppp-profile profile-name;shared-secret shared-secret;}pap-password pap-password;ppp {cell-overhead;encapsulation-overhead bytes;framed-ip-address ip-address;framed-pool framed-pool;idle-timeout seconds;interface-id interface-id;keepalive seconds; primary-dns primary-dns;primary-wins primary-wins;secondary-dns secondary-dns; secondary-wins secondary-wins; }user-group-profile profile-name;}radius {authentication-server [ ip-address ];accounting-server [ ip-address ];options {accounting-session-id-format (decimal | description);client-accounting-algorithm (direct | round-robin);client-authentication-algorithm (direct | round-robin);ethernet-port-type-virtual;interface-description-format [sub-interface | adapter];nas-identifier identifier-value;nas-port-extended-format {adapter-width width;port-width width;slot-width width;stacked-vlan-width width;vlan-width width;}revert-interval interval;vlan-nas-port-stacked-format;}attributes {ignore {framed-ip-netmask;input-filter;logical-system-routing-instance;output-filter;}accounting-authentic [ accounting-on | accounting-off ];accounting-delay-time [ accounting-on | accounting-off ];accounting-session-id [ access-request | accounting-on | accounting-off | accounting-stop ];accounting-terminate-cause [ accounting-off ];called-station-id [ access-request | accounting-start | accounting-stop ];calling-station-id [ access-request | accounting-start | accounting-stop ];class [ accounting-start | accounting-stop ];dhcp-options [ access-request | accounting-start | accounting-stop ];dhcp-gi-address [ access-request | accounting-start | accounting-stop ];dhcp-mac-address [ access-request | accounting-start | accounting-stop ];output-filter [ accounting-start | accounting-stop ];event-timestamp [ accounting-on | accounting-off | accounting-start | accounting-stop ];framed-ip-address [ accounting-start | accounting-stop ];framed-ip-netmask [ accounting-start | accounting-stop ];input-filter [ accounting-start | accounting-stop ];input-gigapackets [ accounting-stop ];input-gigawords [ accounting-stop ];interface-description [ access-request | accounting-start | accounting-stop ];nas-identifier [ access-request | accounting-on | accounting-off | accounting-start | accounting-stop ];nas-port [ access-request | accounting-start | accounting-stop ];nas-port-id [ access-request | accounting-start | accounting-stop ];nas-port-type [ access-request | accounting-start | accounting-stop ];output-gigapackets [ accounting-stop ];output-gigawords [ accounting-stop ];}}}radius-server server-address {accounting-port port-number;port port-number;retry attempts;routing-instance routing-instance-name;secret password; source-address source-address;timeout seconds;}}radius-disconnect {client-address {secret password;}}radius-disconnect-port port-number;radius-server server-address {accounting-port port-number;port port-number;retry attempts; routing-instance routing-instance-name;secret password; source-address source-address;timeout seconds;}

Published: 2010-04-26