Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SBR] How to restrict management or admin access to the firewall

0

0

Article ID: KB23196 KB Last Updated: 08 Mar 2017Version: 3.0
Summary:
This article provides information on how to restrict management access to users on the firewall (for example, Cisco PIX and so on).
Symptoms:
How to restrict management access to users on the firewall (for example, Cisco PIX and so on).
Cause:
  • Usually when devices, such as a Cisco switch or router, are added, they require specific attributes in a access-response packet from SBR to provide management access to the particular device.

  • But when the device is added as a Radius client on SBR, they do not require any special attribute; so management access is provided to all users, which ideally should be limited to only the Network Administrator.
Solution:
Perform the following procedure to provide access to only administrators:

  1. Add the required network administrators as Administrators via the SBR GUI.


  2. On the left pane, click Profile and then Add.


  3. The Add Profile window is displayed. Create a profile, in which the administrators will be added under the Check List tab. Click Add, search for the User-Name attribute, and then click Add in the Add Check List Attribute window. After the attribute is added, click Close.







  4. You will see that the User-Name attribute has been successfully added under the Check List tab.


  5. You now have to apply the profile, on which the restriction is required. Highlight the required radius client (firewall) and click Edit.


  6. In the Edit RADIUS Client window, select the Use Profile checkbox, select the required profile from the drop-down menu, and click OK.


  7. Now only the admin users mentioned earlier will have management access and not everyone.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search