To configure RADIUS (Remote Authentication Dial-In User Service) on Juniper switches, follow the steps outlined below. Please note that the specific commands and configuration may vary depending on the Juniper switch model and software version. It’s essential to adapt the instructions accordingly.

Step 1: Access the Juniper Switch Connect to the Juniper switch using a console cable or through SSH/Telnet.

Step 2: Enter Configuration Mode Enter the configuration mode by typing the following command:

configure

Step 3: Configure RADIUS Server Details Configure the RADIUS server details, including the IP address or hostname, RADIUS server port, and shared secret. Replace the placeholder values with the actual details relevant to your RADIUS server.

set system radius-server <server-ip> port <port-number>
set system radius-server <server-ip> secret “<shared-secret>”

Example:

set system radius-server 10.0.0.1 port 1812
set system radius-server 10.0.0.1 secret “radius_secret”

Step 4: Configure RADIUS Authentication Parameters Configure the authentication parameters for RADIUS on the switch. This includes specifying the primary RADIUS server and setting the authentication order.

set authentication-order [ radius password ]
set radius-options primary <server-ip>

Example:

set authentication-order radius password
set radius-options primary 10.0.0.1

Step 5: Apply RADIUS Authentication to Interfaces Specify the interfaces where RADIUS authentication should be applied. Replace <interface-name> with the actual interface name.

set interfaces <interface-name> unit 0 family ethernet-switching authentication-order [ radius password ]

Example:

set interfaces ge-0/0/1 unit 0 family ethernet-switching authentication-order radius password

Step 6: Commit Configuration Changes Commit the configuration changes to make them effective.

commit

Once the configuration is successfully applied, the Juniper switch will use RADIUS for authentication on the specified interfaces.

Please note that the above steps provide a basic configuration for RADIUS on Juniper switches. Depending on your specific requirements and network setup, additional configuration parameters and options may be needed.

Example with complete configuration :

configure
set system radius-server 10.0.0.1 port 1812
set system radius-server 10.0.0.1 secret “radius_secret”
set authentication-order radius password
set radius-options primary 10.0.0.1
set interfaces ge-0/0/1 unit 0 family ethernet-switching authentication-order radius password
commit

 

Below is the link to check radius configuration on VLAN or IRB

Configuring RADIUS on Juniper Switch Using Logical Interface (VLAN or IRB) – IP-NETWORK-BASICS (ipnetworkbasics.com)