Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SBR] How to use LCI to query IP Pools in SBR

0

0

Article ID: KB34297 KB Last Updated: 28 May 2019Version: 1.0
Summary:

SBR Administrators and Network Operations can monitor IP Pools in SBR by utilizing LCI (LDAP Configuration Interface).

Please refer to Juniper's technical documentation on LDAP Configuration Interface Overview.

The LCI provided by Steel-Belted Radius Carrier consists of an LDAP interface in the Steel-Belted Radius Carrier server and an LDAP virtual schema. The LDAP virtual schema presents the structure of the Steel-Belted Radius Carrier database in a manner that can be understood by the LDAP client utilities. The LCI uses the virtual schema to retrieve, modify, and delete entries in the database.

Solution:

Perform the following steps:

OR

  • Edit radius.ini
 
  1. Login to SBR and navigate to /opt/JNPRsbr/radius and edit radius.ini

  2. Enable LCI in the following section:

    ; Enabling LCI without changing the access password may leave your SBR
    ; database accessible by any LDAP client. Read the "LDAP Configuration
    ; Interface" chapter of the Steel-Belted Radius Administration Guide
    ; before enabling this feature.
    Enable=1
    TCPPort=667
  3. Restart the RADIUS process:

    ./sbrd restart radius
  4. Once SBR is up and operational again, execute the following command on the SBR server (Depending on ldapsearch package that is installed in OS, ldapsearch options may differ):

    ldapsearch -P2 -h localhost -p667 -D "cn=admin,o=radius" -w <LCI Password> -s sub -b "radiusclass=ip-addr-pool,o=radius" radiusname="*"

    Note: ldapsearch does not need to be run on the SBR Server or the Working RADIUS Directory**

    This will output information about SBR IP Pool information and available resources.

    Example:

    # TEST_POOL, IP-Addr-Pool, radius
    dn: radiusname=TEST_POOL,radiusclass=IP-Addr-Pool,o=radius
    objectclass: top
    objectclass: IP-Addr-Pool
    radiusname: TEST_POOL
    range: 10.0.0.1:24
    total: 24
    available: 24
    
    # search result
    search: 2
    result: 0 Success
    
    # numResponses: 2
    # numEntries: 1
 

For more information on LCI, please review the SBR Admin Guide

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search