Configuring the RAD-Series RADIUS Server and RADIUS Clients
For RAD-Series RADIUS Server and RADIUS clients (JUNOSe router and the SAE software) to communicate, you must configure both the client and the server.
Configuring the RAD-Series RADIUS Server
The RADIUS server must be able to communicate with the RADIUS clients. The following information about all RADIUS clients connected to the RADIUS server must be known to the RADIUS server:
- IP address of the RADIUS client
- RADIUS shared secret to be exchanged between RAD-Series RADIUS Server and the client
- Model (vendor) of the RADIUS client
Although the Administration panes allow you to create new clients, we recommend that you edit the /opt/aaa/etc/clients file when creating new access devices. The client file should resemble the following:
#Client Name Key [type] [version] [prefix]#---------------- --------------- --------------- --------- --------# SAE Client 192.23.3.10 secret type=Juniper:NAS v1# Juniper ERX node (Enable the Juniper extensions)192.23.3.1 secret type=Juniper:NAS v1
NOTE: The Administration panes do use Juniper in the vendor list. Without changing some HTML files, creating the Juniper RADIUS client will not work when you use the Administration panes.
Configuring RADIUS Clients
Each RADIUS client must be able to contact its RADIUS server. The following information is required for client/server communication:
- IP address of the RADIUS server
- RADIUS shared secret to be exchanged between RAD-Series RADIUS Server and the RADIUS client
- UDP ports on which the RADIUS client sends and receives RADIUS authentication and accounting packets. The ports must match the server configuration.
The RADIUS client configuration of the JUNOSe router is described in the JUNOSe Broadband Access Configuration Guide.