authentication-source (Services User Identification ClearPass)
Syntax
authentication-source aruba-clearpass { authentication-entry-timeout (Services User Identification) minutes; invalid-authentication-entry-timeoutminutes; no-user-query (Services User Identification); traceoptions (Services User Identification) { file filename files files match match size size(world-readable | no-world-readable); flag name; level (all | error | info | notice | verbose | warning); no-remote-trace; } user-query (Services User Identification) { ca-certificate ca-certificate; client-id client-id; client-secret client-secret; delay-query-time seconds; query-api query-api; token-api token-api; web-server { server-name; address address; connect-method (http | https); port port; } } }
Hierarchy Level
[edit services user-identification]
Description
Configure ClearPass as the authentication source for the integrated ClearPass authentication and enforcement feature.
The ClearPass Policy Manager (CPPM), as the authentication source and client of the SRX Series Firewall HTTP server, initiates a connection to the SRX Series Firewall using the Web API that the SRX Series Firewall exposes to it. The CPPM sends user authentication and identity information to the SRX Series Firewall across this connection using HTTP or HTTPS POST request messages.
set authentication-source aruba-clearpass
command
can be used to configure the Juniper Identity Management Service as
the authentication-source.
Options
name | Aruba ClearPass authentication source name. |
authentication-entry-timeout | Aruba ClearPass authentication entry timeout number.
|
invalid-authentication-entry-timeout | Invalid authentication entry timeout number.
|
no-user-query | Disable user query from ClearPass. |
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
services—To view this statement in the configuration.
services-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 12.3X48-D30.