Navigation
Supported Platforms
Related Documentation
- EX, J, M, MX, PTX, SRX, T Series
- Notational Conventions Used in Junos OS Configuration Hierarchies
[edit access] Hierarchy Level
access {address-assignment {... the address-assignment subhierarchy appears after the main [edit access] hierarchy ...}address-pool name {(address address-or-prefix | address-range low lower-ipv4-address high upper-ipv4-address);primary-dns server-name;primary-wins server-name;secondary-dns server-name;secondary-wins server-name;}domain {delimiter delimiter-characters;map domain-map-name { ...the map subhierarchy appears at the end of the [edit access domain] hierarchy ...}parse-direction (left-to-right | right-to-left);map domain-map-name {aaa-logical-system logical-system-name <aaa-routing-instance routing-instance-name>;aaa-routing-instance routing-instance-name;access-profile profile-name;address-pool pool-name;dynamic-profile profile-name;padn destination-address {mask destination-mask;metric route-metric;}strip-domain;target-logical-system logical-system-name <target-routing-instance routing-instance-name>;target-routing-instance routing-instance-name;tunnel-profile profile-name;}}domain-name-server;domain-name-server-inet;domain-name-server-inet6;firewall-authentication {pass-through {default-profile profile-name;(ftp | http | telnet) {banner {fail message-text;login message-text;success message-text;}}}traceoptions {file filename <files number> <match regular-expression> <size maximum-file-size> <world-readable | no-world-readable>;flag flag;no-remote-trace;}web-authentication {banner {success message-text;}default-profile profile-name;}}group-profile group-profile-name {l2tp {interface-id interface-identifier;lcp-renegotiation;local-chap;maximum-sessions-per-tunnel number;multilink {drop-timeout milliseconds;fragment-threshold bytes;}}ppp {cell-overhead;encapsulation-overhead bytes;framed-pool pool-identifier;idle-timeout seconds;interface-id interface-identifier;keepalive seconds;primary-dns ipv4-address;primary-wins ipv4-address;secondary-dns ipv4-address;secondary-wins ipv4-address;}}gx-plus {global {max-outstanding-requests number;}}ldap-options {assemble {common-name name;}base-distinguished-name name;revert-interval seconds;search {admin-search {distinguished-name name;password password;}search-filter filter-name;}}ldap-server server-address {port port-number;retry attempts;routing-instance routing-instance-name;source-address address;timeout seconds;}profile profile-name {... the profile subhierarchy appears after the main [edit access] hierarchy ...}radius-disconnect {client-address {secret password;}}radius-disconnect-port port-number;radius-options {revert-interval seconds;}radius-server server-address {accounting-port port-number;port port-number;retry attempts;routing-instance routing-instance-name;secret password;source-address address;timeout seconds;}securid-server {server-name configuration-file filename;}terminate-code {(aaa | dchp | l2tp | ppp) term-reason radius term-cause;}tunnel-profile profile-name {tunnel tunnel-id {identification name;logical-system logical-system-name;max-sessions number;medium type;preference number;remote-gateway {address server-ip-address;gateway-name server-name;}routing-instance routing-instance-name;secret password;source-gateway {address client-ip-address;gateway-name client-name;}type tunnel-type;}}} access {address-assignment {location-pool pool-name {family inet {location index {address address;}}}neighbor-discovery-router-advertisement ndra-pool-name;pool pool-name {family (inet | inet6) {dhcp-attributes {boot-file filename;boot-server hostname;dns-server {ipv6-address;}domain-name domain-name;grace-period seconds;maximum-lease-time (seconds | infinite);name-server {address;}netbios-node-type (b-node | h-node | m-node | p-node);option option-index (array (byte | flag | integer | ip-address | short | string | unsigned-integer | unsigned-short) [ type-values ] | byte 8-bit-value | flag (false | off | on | true) | integer signed-32-bit-value | ip-address address | short signed-16-bit-value | string text-string | unsigned-integer 32-bit-value | unsigned-short 16-bit-value);option-match {option-82 {circuit-id id-number range range-name;remote-id id-number range range-name;}}router {address;}server-identifier ipv4-address;sip-server-address {ipv6-address;}sip-server-domain-name domain-name;tftp-server hostname;wins-server {address;}}host hostname {hardware-address mac-address;ip-address ip-address;}network ip-prefix</prefix-length>;prefix ipv6-prefix;range name {high upper-limit;low lower-limit;prefix-length prefix-length;}}link pool-name;}}} access {profile profile-name {accounting {accounting-stop-on-access-deny;accounting-stop-on-failure;coa-immediate-update;immediate-update;duplication;order [ accounting-methods ];statistics (time | volume-time);update-interval minutes;}accounting-order radius;authentication-order [ ldap password radius securid ];authorization-order jsrc;client client-name {chap-secret chap-secret;client-group [ group-names ];firewall-user {password password;}group-profile profile-name;ike {allowed-proxy-pair {local local-proxy-address remote remote-proxy-address;}ike-policy policy-name;initiate-dead-peer-detection;interface-id interface-id;ipsec-policy policy-name;ipsec-policy policy-name;pre-shared-key (ascii-text key-string | hexadecimal key-string);}l2tp {aaa-access-profile profile-name;interface-id interface-identifier;lcp-renegotiation;local-chap;maximum-sessions-per-tunnel number;multilink {drop-timeout milliseconds;fragment-threshold bytes;}ppp-authentication (chap | pap);ppp-profile profile-name;shared-secret shared-secret;}pap-password pap-password;ppp {cell-overhead;encapsulation-overhead bytes;framed-ip-address ip-address;framed-pool framed-pool;idle-timeout seconds;interface-id interface-identifier;keepalive seconds;primary-dns ipv4-address;primary-wins ipv4-address;secondary-dns ipv4-address;secondary-wins ipv4-address;}user-group-profile profile-name;}client-name-filter client-name {count number;domain-name domain-name;separator special-character;}domain-name-server;domain-name-server-inet;domain-name-server-inet6;ldap-options {assemble {common-name name;}base-distinguished-name name;revert-interval seconds;search {admin-search {distinguished-name name;password password;}search-filter filter-name;}}ldap-server server-address {port port-number;retry attempts;routing-instance routing-instance-name;source-address address;timeout seconds;}provisioning-order jsrc;radius {accounting-server [ ip-addresses ];authentication-server [ ip-address ];attributes {exclude {accounting-authentic [ accounting-on | accounting-off ];accounting-delay-time [ accounting-on | accounting-off ];accounting-session-id [ access-request | accounting-on | accounting-off | accounting-stop ];accounting-terminate-cause [ accounting-off ];called-station-id [ access-request | accounting-start | accounting-stop ];calling-station-id [ access-request | accounting-start | accounting-stop ];class [ accounting-start | accounting-stop ];dhcp-gi-address [ access-request | accounting-start | accounting-stop ];dhcp-mac-address [ access-request | accounting-start | accounting-stop ];dhcp-options [ access-request | accounting-start | accounting-stop ];downstream-calculated-qos-rate [ access-request | accounting-start | accounting-stop ]dsl-forum-attributes [ access-request | accounting-start | accounting-stop ]event-timestamp [ accounting-on | accounting-off | accounting-start | accounting-stop ];framed-ip-address [ accounting-start | accounting-stop ];framed-ip-netmask [ accounting-start | accounting-stop ];input-filter [ accounting-start | accounting-stop ];input-gigapackets [ accounting-stop ];input-gigawords [ accounting-stop ];interface-description [ access-request | accounting-start | accounting-stop ];nas-identifier [ access-request | accounting-on | accounting-off | accounting-start | accounting-stop ];nas-port [ access-request | accounting-start | accounting-stop ];nas-port-id [ access-request | accounting-start | accounting-stop ];nas-port-type [ access-request | accounting-start | accounting-stop ];output-filter [ accounting-start | accounting-stop ];output-gigapackets [ accounting-stop ];output-gigawords [ accounting-stop ];upstream-calculated-qos-rate [ access-request | accounting-start | accounting-stop ]}ignore {framed-ip-netmask;input-filter;logical-system-routing-instance;output-filter;}}authentication-server [ ip-addresses ];options {accounting-session-id-format (decimal | description);client-accounting-algorithm (direct | round-robin);client-authentication-algorithm (direct | round-robin);ethernet-port-type-virtual;interface-description-format {exclude-adapter;exclude-sub-interface;}nas-identifier identifier-value;nas-port-extended-format {adapter-width width;port-width width;slot-width width;stacked-vlan-width width;vlan-width width;}revert-interval interval;vlan-nas-port-stacked-format;}}radius-options {revert-interval seconds;}radius-server server-address {accounting-port port-number;port port-number;retry attempts;routing-instance routing-instance-name;secret password;source-address address;timeout seconds;}service {accounting-order (activation-protocol | radius);}session-options {client-group [ group-names ];client-idle-timeout minutes;client-session-timeout minutes;}}}
Related Documentation
- EX, J, M, MX, PTX, SRX, T Series
- Notational Conventions Used in Junos OS Configuration Hierarchies
Published: 2012-11-26
Supported Platforms
Related Documentation
- EX, J, M, MX, PTX, SRX, T Series
- Notational Conventions Used in Junos OS Configuration Hierarchies
