Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    show services unified-access-control authentication-table

    Syntax

    show services unified-access-control authentication-table <detail><extended><identifier id> <ipsource ipaddress> <role role-name> <user user-name>

    Release Information

    Command introduced in Junos OS Release 9.4.

    Command introduced in Junos OS Release 12.2 for EX Series switches.

    Description

    Display a summary of the authentication table entries configured for the Juniper Networks MAG Series Junos Pulse Gateways or the Juniper Networks IC Series Unified Access Control Appliances. Authentication tables store mappings between traffic sessions and Unified Access Control (UAC) roles. The Access Control Service appliance uses the roles specified in the mappings to help determine which Access Control Service policies to apply to a session.

    Use this command when you have configured the SRX Series device or EX Series switch to act as a Junos OS Enforcer in an Access Control Service deployment. When deployed as a Junos OS Enforcer, the SRX Series device or EX Series switch enforces the policies that are defined on the Access Control Service appliance.

    You can also use this command to display the content of the authentication table in a user role firewall implementation. The table, pushed from a supporting Access Control Service device, provides the user roles associated with incoming traffic.

    Options

    none

    Display a view of all authentication table entries.

    detail

    (Optional) Display a detailed view of all authentication table entries.

    extended

    (Optional) Display a view of all authentication table entries with the user roles listed.

    identifier id

    (Optional) Display all authentication table entries with the specified identifier number.

    ipsource ip-address

    (Optional) Display any authentication table entry for the specified IP address.

    role role-name

    (Optional) Display all authentication table entries for the specified role name.

    user username

    (Optional) Display all authentication table entries for the specified user.

    Required Privilege Level

    view

     

    Related Documentation

     

    List of Sample Output

    show services unified-access-control authentication-table (SRX Series device)
    show services unified-access-control authentication-table detail (SRX Series device)
    show services unified-access-control authentication-table (EX Series switch)
    show services unified-access-control authentication-table detail (EX Series switch)

    Output Fields

    Table 1 lists the output fields for the show services unified-access-control authentication-table command. Output fields are listed in the approximate order in which they appear.

    Table 1: show services unified-access-control authentication-table Output Fields

    Field Name

    Field Description

    Level of Output

    Identifier

    The identification number of this authentication table.

    All

    Source

    The IP address of the end device.

    All

    Username

    The username logged in by the end device.

    All

    Age

    Refers to the Access Control Service authentication table timeout.

    The authentication table timeout is a configurable parameter on the Access Control Service. It indicates how long a session with no activity can remain table before the table entry is cleared.

    For EX Series switches, the authentication table timeout is always 0, which means that the session does not time out until the 802.1X connection is made.

    For additional information, see the Junos Pulse Access Control Service Administration Guide.

    All

    Role identifier

    A value generated and used by the Access Control Service to uniquely identify a given role.

    All

    Role name

    Role name specified in Access Control Service.

    detail

    Total

    Total number of entries in the authentication table.

    All

    Sample Output

    show services unified-access-control authentication-table (SRX Series device)

    user@host>show services unified-access-control authentication-table 

    Id    Source IP       Username     Age      Role identifier
1     172.24.72.79    atsang       0        0000000001.000005.0
Total: 1

    show services unified-access-control authentication-table detail (SRX Series device)

    user@host>show services unified-access-control authentication-table detail

    Identifier: 1
  Source IP: 172.24.72.79
  Username: atsang
  Age: 0
  Role identifier       Role name
    0000000001.000005.0 Users
    1113249951.100616.0 PersonalFirewall
    1183670148.427197.0 UAC
Total: 1

    show services unified-access-control authentication-table (EX Series switch)

    user@switch> show services unified-access-control authentication-table 

    Id    Source                            Username     Age      Role identifier
1     00-50-56-a4-5a-4c/10.25.0.223     t            0        0000000001.000005.0 
Total: 1

    show services unified-access-control authentication-table detail (EX Series switch)

    user@switch> show services unified-access-control authentication-table detail 

    Identifier: 1
  Source: 00-50-56-a4-5a-4c/10.25.0.223
  Username: t
  Age: 0
  Role identifier       Role name
    0000000001.000005.0 Users
Total: 1

    Published: 2012-12-06

    Previous Page Next Page