Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

About the UAC Settings Page

You are here: Security Services > Firewall Authentication > UAC Settings.

Use this page to configure UAC Settings.

Field Description

To configure UAC settings:

  1. Complete the configuration according to the guidelines provided in Table 1.

  2. Click Save to save the changes.

Table 1 describes the fields on the UAC Setting page.

Table 1: Fields on the UAC Setting Page

Field

Description

Global Settings

Certificate Verification

Determines whether server certificate verification is required when initiating a connection between a device and an Access Control Service in a UAC configuration.

Select the following options from the list:

  • None—Certificate verification is not required.

  • Optional—Certificate verification is not required. If the CA certificate is not specified in the ca-profile option, the commit check passes and no warning is issued.

  • Required—Certificate verification is required. If the CA certificate is not specified in the ca-profile option, an error message is displayed, and the commit check fails. Use this option to ensure strict security.

  • Warning—Certificate verification is not required. A warning message is displayed during commit check if the CA certificate is not specified in the ca-profile option.

Interval

Specifies the value in seconds that the device should expect to receive a heartbeat signal from the IC Series device.

Enter the heartbeat interval in seconds. Range: 1 through 9999.

Test Only Mode

Allows all traffic and log enforcement result.

Enable the Test Only Mode option.

Timeout

Specifies (in seconds) that the device should wait to get a heartbeat response from an IC Series UAC Appliance.

Enter the timeout in seconds. Range: 2 through 10000.

Timeout Action

Specifies the action to be performed when a timeout occurs and the device cannot connect to an Infranet Enforcer.

Select the timeout action from the list.

Infranet Controller

Infranet Controller

Click + to add an infranet controller.

Click pencil icon to edit a selected infranet controller.

Click delete icon to delete the selected infranet controller.

Name

Enter a name for the Infranet Controller.

IP address

Enter an IP address for the Infranet Controller.

Interface

Select an interface used for the Infranet Controller.

Interface

Enter the password to use for the Infranet Controller

CA Profiles

Select a CA from the list in the CA Profiles column and then click the right arrow to move them to the Selected column.

Note:

To deselect a CA, select the CA in the Selected column and then click the left arrow to move them to the CA Profiles column.

Port

Specifies the port number to be associated with this Infranet Controller for data traffic.

Enter a value from 1 through 65,535.

Server Certificate Subject

Enter the server certificate subject name of the Infranet Controller certificate to match.

Captive Portal

Captive Portal

Specifies the preconfigured security policy for captive portal on the Junos OS Enforcer.

Click + to add a captive portal.

Click pencil icon to edit a selected captive portal.

Click delete icon to delete the selected captive portal.

Name

Enter a name for the captive portal.

Redirect Traffic

Select a traffic type to be redirected.

Redirect URL

Enter the URL to which the captive portal should be directed.