Local Auth Server Configuration

All Juniper Networks security devices support a built-in user database for authentication. When you define a user on the security device, the device enters the user name and password in its local database. The local database is the default authentication server (auth server) for all types of authentication.

The local database supports the following types of users and authentication features:

  • Auth users

  • IKE users

  • Admin users

  • L2TP users

  • WebAuth

  • Admin privileges

  • XAuth users

  • User groups

  • Manual Key users

  • Group expressions. You define the group expressions on the security device, but the users and user groups must be stored on an external RADIUS auth server. For more information about group expressions, see Group Expression List.

By default, the local database authentication idle timeout for both admins and auth users is 10 minutes. However, you can change the timeout.

To Modify Idle Timeout

  1. Enter a number in the Timeout field. The value is in minutes.

  2. Click Apply to save your setting.

Forced timeout, unlike idle timeout, does not depend on the idleness of the user, but on an absolute timeout after which access for the authenticated user is terminated. The auth table entry for the user is removed, as are all associated sessions for the auth table entry.

The default is 0 (disabled); the range is 0 to 10000 minutes (6.9 days).

To Modify Forced Timeout

  1. Enter a number in the Forced Timeout field. The value is in minutes.

  2. Click Apply to save your setting.
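
The difference between the idle timeout and the forced timeout, as an added example (not Juniper code): a small Python model of one auth table entry that reports when the entry is removed and which timer removed it. The function names and activity times are hypothetical and constructed; the model assumes traffic arriving at or after a deadline is too late, and that the forced timeout wins a tie.

```python
# Added illustration, not device code: all names below are hypothetical.
IDLE_DEFAULT_MIN = 10     # page: default idle timeout, in minutes
FORCED_DEFAULT_MIN = 0    # page: 0 means the forced timeout is disabled
FORCED_MAX_MIN = 10000    # page: upper end of the forced timeout range


def validate_forced_timeout(minutes):
    """Accept only whole minutes in the documented range 0..10000."""
    if isinstance(minutes, bool) or not isinstance(minutes, int):
        raise ValueError("forced timeout must be a whole number of minutes")
    if not 0 <= minutes <= FORCED_MAX_MIN:
        raise ValueError("forced timeout must be between 0 and 10000 minutes")
    return minutes


def entry_removal(activity, idle=IDLE_DEFAULT_MIN, forced=FORCED_DEFAULT_MIN,
                  auth_time=0):
    """Return (minute, reason) at which the auth table entry is removed.

    activity  -- minutes at which the user generated traffic (constructed input)
    idle      -- idle timeout in minutes (assumed > 0 in this model)
    forced    -- forced timeout in minutes, 0 = disabled
    auth_time -- minute at which the user authenticated
    """
    validate_forced_timeout(forced)
    # The forced deadline is absolute: fixed at authentication, never extended.
    forced_deadline = auth_time + forced if forced else float("inf")
    last_seen = auth_time
    for t in sorted(activity):
        # The idle deadline moves forward with every accepted packet.
        if t >= min(last_seen + idle, forced_deadline):
            break  # entry was already removed before this traffic arrived
        last_seen = t
    idle_deadline = last_seen + idle
    if forced_deadline <= idle_deadline:
        return forced_deadline, "forced"
    return idle_deadline, "idle"


if __name__ == "__main__":
    busy_user = list(range(5, 125, 5))  # constructed: traffic every 5 minutes
    print(entry_removal(busy_user))             # idle timer only
    print(entry_removal(busy_user, forced=60))  # forced timer cuts active user
```

With the forced timeout disabled, a user who keeps sending traffic stays authenticated until activity stops; with it set, the same user is removed at the absolute deadline even while active.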