Configuring the Merit AAA Server and RADIUS Clients
For the Merit AAA server and RADIUS clients (JUNOSe router and the SAE software) to communicate, you must configure both the client and the server.
Configuring the Merit AAA Server
The RADIUS server must be able to communicate with the RADIUS clients. The following information about all RADIUS clients connected to the RADIUS server must be known to the RADIUS server:
- IP address of the RADIUS client
- RADIUS shared secret to be exchanged between Merit AAA and the client
- Model (vendor) of the RADIUS client
Configure this information by editing the /opt/UMC/radius/etc/clients file. The client file should look like the following:
#Client Name Key [type] [version] [prefix]#---------------- -------------- --------------- ------- --------# SSP Client 192.23.3.10 secret type=Juniper:NAS v1# Juniper ERX node (Enable the Juniper extensions)192.23.3.1 secret type=Juniper:NAS v1Configuring RADIUS Clients
Each RADIUS client must be able to contact its RADIUS server. The following information is required for client/server communication:
- IP address of the RADIUS server
- RADIUS shared secret to be exchanged between the Merit AAA server and the client
- UDP ports on which the client sends and receives RADIUS authentication and accounting packets. They must match the server configuration.
The RADIUS client configuration of the JUNOSe router is described in the JUNOSe Broadband Access Configuration Guide.
The RADIUS client configuration of the SAE is described in the SDX Getting Started Guide.