JUNOSe 7.2.x Policy Management Configuration Guide
172 ! Configuring RADIUS-Based Mirroring
key
! Use to specify a text string used by RADIUS to encrypt the client and server
authenticator field during exchanges between the E-series router’s RADIUS
dynamic-request server and a RADIUS server. The key (also called the secret) is
used during RADIUS-initiated mirroring operations when the user is already
logged in. The router salt-encrypts VSAs using this text string.
! The key can be a maximum of 32 characters.
! The default is no key.
! Connection to the RADIUS server fails if you do not specify a key.
! Example
host1(config)#radius dynamic-request server 192.168.5.3
host1(config-radius)#key mysecret
! Use the no version to remove the key.
mirror disable
! Use to disable a packet mirroring session that was dynamically configured.
! This command is visible only to authorized users—the mirror-enable
command must be enabled prior to using this command.
! You must use the acct-session-id keyword to disable all user-initiated mirroring
sessions (RADIUS-based mirroring sessions that started when the user logged
in).
! For RADIUS-initiated mirroring sessions (sessions that started after the user
was already logged in), use the keyword that corresponds to the trigger.
! acct-session-id—Disable all user-initiated mirroring sessions. Disable
RADIUS-initiated sessions that use Acct-Session-ID (RADIUS attribute 44) as
the trigger
! calling-station-id—Disable RADIUS-initiated sessions that use
Calling-Station-ID (RADIUS attribute 31) as the trigger
! ip-address—Disable RADIUS-initiated sessions that use Framed-IP-Address
(RADIUS attribute 8) as the trigger
! nas-port-id—Disable RADIUS-initiated sessions that use Nas-Port-ID
(RADIUS attribute 87) as the trigger
! username—Disable RADIUS-initiated sessions that use User-Name
(RADIUS attribute 1) as the trigger
! Example
host1#mirror disable acct-session-id atm 2/1.2:0.42:0001048579
! There is no no version.
To Next Page
Loading...
Need help?
General
