user-firewall
Syntax
user-firewall {
access-profile profile-name;
domain domain-name
ssl-termination-profile profile-name;
}
Hierarchy Level
[edit security policies from-zone zone-name to-zone zone-name policy policy-name then permit firewall-authentication]
Description
Configure user role firewall authentication, and map the source IP address to the username and its associated roles (groups). The mapped data is written to the firewall authentication table for later retrieval by the user role firewall. The user role firewall uses the username and role information to determine whether to permit or deny a user's session or traffic.
Options
| access-profile profile-name | Specify the name of the access profile to be used for authentication. |
| domain domain-name | Specify the name of the domain where firewall authentication occurs in the event that the Windows Management Instrumentation client (WMIC) is not available to get IP-to-user mapping for the integrated user firewall feature. The maximum length is 65 bytes. |
| ssl-termination-profile profile-name | For HTTPS traffic, specify the name of the SSL termination profile used for SSL offloading. |
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 12.1X45-D10. Support for the domain keyword added in Junos OS Release 12.1X47-D10.