[j-nsp] M7i LNS - setting a firewall filter with a RADIUS attribute
Octavio Alfageme
octavio.alfageme at gmail.com
Tue Jul 29 03:07:18 EDT 2014
Hello everyone,
We have several M7is acting as LNSs and running JunOS 11.1R3.5, release
that didn’t support dynamic-profiles for L2TP. I want to set different
input firewall filters for subscribers according to their respective RADIUS
profile. A sample firewall filter would be as simple as:
family inet {
filter 101 {
interface-specific;
term forbidden {
from {
address {
X.X.X.X/X;
}
}
then {
reject;
}
}
term default-term {
then accept;
}
}
}
May you, please, tell me which RADIUS attribute to use in an M7i not using
dynamic-profiles? I’ve checked the documentation and seen different VSAs
like Ingress-poliy-name, Unisphere- Ingress-poliy-name or
Juniper-Firewall-filter-name, but I’m not sure about which one to use.
Thanks in advance
Octavio
More information about the juniper-nsp
mailing list