Install Juniper Mist Edge VM for Juniper Mist Authentication Proxy
Read this topic to learn how to install a Juniper Mist™ Edge virtual machine (VM) for the Juniper Mist Authentication Proxy functionality.
System Requirements
Minimum hardware requirements for a Juniper Mist Edge VM to support the Juniper Mist Auth Proxy functionality:
- Hypervisor: VMware ESXi (Versions – 6.7.0 and 7.0)
- CPU: 2 vCPUs
- RAM: 16-GB RAM
- Hard Disk: 32 GB, thick provisioned
- Network Interface Card (NIC): Single virtual NIC
You need to provide unrestricted access to debian and mistsys repo in the environments where you create the Mist Edge VM for initial bring up. Also, ensure that the Firewall has Port-80 and Port-443 open.
Juniper Mist Edge VM as Juniper Mist Auth Proxy
Juniper Mist Edge virtual machine (VM) requires out-of-band management (OOBM) interface to act as Juniper Mist Auth Proxy.
You can specify a port on which the client contacts the RADIUS server. By default, the client uses port 1812 (as specified in RFC 2865). You can also specify an accounting port to send accounting packets. The default port is 1813 (as specified in RFC 2866).
You must configure TCP port 2083 to allow outbound connections destined to radsec.nac.mist.com.
Additionally, you must provide Juniper Mist Edge VM access to the EP terminator service [ep-terminator.mistsys.net (TCP 443)] on the Juniper Mist cloud. See Firewall Configuration: Juniper Mist Ports and IP Addresses.
