profile (Access)
Syntax
profile profile-name {
accounting {
accounting-stop-on-access-deny;
accounting-stop-on-failure;
duplication;
duplication-attribute-format;
duplication-filter;
duplication-vrf;
order [accounting-method];
statistics (time | volume-time);
}
address-assignment {
inet6-pool inet6-pool-name;
pool pool-name;
}
authentication-order (ldap | none | password | radius | s6a | securid);
charging-service-list;
client client-name {
chap-secret chap-secret;
client-group [ group-names ];
firewall-user {
password password;
}
no-rfc2486;
pap-password pap-password;
x-auth ip-address;
}
client-name-filter {
count number;
domain-name domain-name;
separator special-character;
}
domain-name-server name;
domain-name-server-inet name;
domain-name-server-inet6 name;
jsrc;
ldap-options {
assemble {
common-name common-name;
}
base-distinguished-name base-distinguished-name;
revert-interval seconds;
search {
admin-search {
distinguished-name distinguished-name;
password password;
}
search-filter search-filter-name;
}
}
ldap-server server-address {
port port-number;
retry attempts;
routing-instance routing-instance-name;
source-address source-address;
timeout seconds;
}
provisioning-order (gx-plus | jsrc);
radius;
radius-options;
radius-server;
session-limit-per-username;
session-options {
client-group [group-name];
client-idle-timeout minutes;
client-session-timeout minutes;
}
subscriber;
wins-server;
}
Hierarchy Level
[edit access]
Description
Create a profile containing a set of attributes that define device management access.
Options
| name | Profile name |
| accounting | Specifies the accounting options |
| address-assignment | Specify the address assignment pool |
| authentication-order | Order in which authentication mechanisms are used
|
| charging-service-list | List of used 3gpp charging services
|
| client | Entity requesting access |
| client-name-filter | Restrictions on client names authenticated on this server |
| domain-name-server | Default DNS server's IPv4 address |
| domain-name-server-inet | DNS server's IPv4 address |
| domain-name-server-inet6 | DNS server's IPv6 address |
| jsrc | Set of JSRC configurations |
| ldap-options | Light weight directory access protocol options |
| ldap-server | Light weight directory access protocol server |
| preauthentication-order | Order in which pre authentication mechanisms are used
|
| radius | Set of RADIUS configurations |
| radius-options | RADIUS options |
| radius-server | RADIUS server configuration |
| session-limit-per-username | Maximum number of sessions allowed per username
|
| session-options | Options for an authenticated client's session |
| subscriber | Locally authenticated subscriber configuration |
| wins-server | Default WINS server's IPv4 address |
Required Privilege Level
access—To view this statement in the configuration.
access-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 10.4.
inet6-pool option is introduced in Junos OS Release
20.3R1.
none option is introduced in Junos OS Release 20.3R1.