Juniper routers can generate and send flow records to a management server. This feature allows the administrator to monitor all the traffic that flows through the router, giving him a better picture of the users’ behavior and also enabling every connection originated or destined to that particular autonomous system to be recorded for compliance requirements.
This article shows how to configure a Juniper router to authenticate users on a RADIUS server.
1. Configure the router with the RADIUS server information:
[edit system] set system radius-server 10.0.12.1 port 1812 set system radius-server 10.0.12.1 secret yourpassword set system radius-server 10.0.12.1 timeout 5 set system radius-server 10.0.12.1 retry 3 set system radius-server 10.0.12.1 source-address 192.168.120.4
In this case, the RADIUS server is with the IP address of 10.0.12.1, UDP port 1812.
A few show commands to verify the performance of routers with JUNOS: Continue reading “Verifying Performance on Juniper”
- This command will start capturing packets on the given interface and save the capture in the file capture.pcap.
monitor traffic interface ge-1/0/1.0 extensive matching "dst host 126.96.36.199" no-resolve print-ascii write-file capture.pcap
This article shows 2 ways to control the path of packets leaving an autonomous system:
- Changing the exit route to a given prefix
- Changing the exit route to a given autonomous system
The commands below are related to the following diagram: Continue reading “BGP Path Control on Junos”