beautypg.com

Setting juniper radius parameters for a user – Cisco 3.3 User Manual

Page 297

background image

7-51

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Chapter 7 User Management

Advanced User Authentication Settings

Setting Juniper RADIUS Parameters for a User

The Juniper RADIUS parameters appear only if all the following are true:

A AAA client is configured to use RADIUS (Juniper) in Network
Configuration.

The Per-user TACACS+/RADIUS Attributes check box is selected under
Advanced Options in the Interface Configuration section.

User-level RADIUS (Juniper) attributes you want to apply are enabled under
RADIUS (Juniper) in the Interface Configuration section.

Juniper RADIUS represents only the Juniper proprietary attributes. You must
configure both the IETF RADIUS and Juniper RADIUS attributes. Proprietary
attributes override IETF attributes.

Note

To hide or display Juniper RADIUS attributes, see

Setting Protocol Configuration

Options for Non-IETF RADIUS Attributes, page 3-17

. A VSA applied as an

authorization to a particular user persists, even when you remove or replace the
associated AAA client; however, if you have no AAA clients of this (vendor) type
configured, the VSA settings do not appear in the user configuration interface.

To configure and enable Juniper RADIUS attributes to be applied as an
authorization for the current user, follow these steps:

Step 1

Perform Step 1 through Step 3 of

Adding a Basic User Account, page 7-4

.

The User Setup Edit page opens. The username being added or edited is at the top
of the page.

Step 2

Before configuring Juniper RADIUS attributes, be sure your IETF RADIUS
attributes are configured properly. For more information about setting IETF
RADIUS attributes, see

Setting IETF RADIUS Parameters for a User, page 7-38

.

Step 3

In the Juniper RADIUS Attributes table, to specify the attributes that should be
authorized for the user, follow these steps:

a.

Select the check box next to the particular attribute.

b.

Further define the authorization for that attribute in the box next to it.

c.

Continue to select and define attributes, as applicable.