
TACACS+ privileges with Juniper

franlara521
Occasional Visitor


Hello,

 

I am trying to configure TACACS+ on a Pulse Secure appliance (PSA-5000). I am not sure if the shell policies work fine with Juniper devices; I would need to apply them to separate the admin roles from the read-only ones.

 

As far as I remember, there was some kind of attribute that Juniper uses for authentication that was not supported in the past.

 

Is this still happening?

 

Thanks and regards,

 

Fran

1 REPLY
EstherdTM
New Contributor

Re: TACACS+ privileges with Juniper

Hello Fran,

 

To configure the shell rules for Juniper devices in the PSA-5000 (Endpoint Policy > Network Device Administration > Shell policies), it's important that you fill in the "service" field as "junos-exec" and then add the custom attributes you want to include from the available ones:

 

service = junos-exec {
      local-user-name = <username-local-to-router>
      allow-commands = "<allow-commands-regex>"
      allow-configuration-regexps = "<allow-configuration-regex>"
      deny-commands = "<deny-commands-regex>"
      deny-configuration-regexps = "<deny-configuration-regex>"
}

 

I tried myself and it's working fine.

BR,

Esther
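
The admin/read-only split asked about in the question, written out as an added example (not part of either post and not Pulse Secure or Juniper sample configuration). The template user names ADMIN-TPL and RO-TPL, the deny-commands regex and the bracketed placeholders are assumptions; the `#` lines are annotations, not values to enter in the PSA fields.

```text
# --- PSA-5000 shell policy for the admin role (constructed values) ---
service = junos-exec {
      local-user-name = ADMIN-TPL
}

# --- PSA-5000 shell policy for the read-only role (constructed values) ---
# The Junos login class of RO-TPL sets the baseline permissions; the
# deny-commands regex is an extra restriction on top of that class.
service = junos-exec {
      local-user-name = RO-TPL
      deny-commands = "^(request|start shell)"
}

# --- Junos device side ---
# Try TACACS+ first, then fall back to the local password database.
set system authentication-order [ tacplus password ]
set system tacplus-server <tacacs-server-ip> secret "<shared-secret>"

# Template users referenced by local-user-name. Each TACACS+ user
# inherits the login class of the template user it is mapped to.
set system login user ADMIN-TPL class super-user
set system login user RO-TPL class read-only
```

After committing, log in with one account from each role and run `show cli authorization` on the device to confirm the permissions each session actually received.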