A RADIUS server supports the following types of users and authentication features:
Auth users
L2TP users (authentication and remote settings)
XAuth users (authentication and remote settings)
Admin users (authentication and privilege assignments)
User groups
A RADIUS server can support all of the user types and features that the local database supports. Among the types of external auth-servers, RADIUS is the only one at this time with such broad support. For a RADIUS server to support such device-specific attributes as admin privileges, user groups, and remote L2TP and XAuth IP address, and DNS and WINS server address assignments, you must load a RADIUS Dictionary file that defines these attributes onto the RADIUS server.
A dictionary file defines vendor-specific attributes (VSAs) that you can load onto a RADIUS server. After defining values for these VSAs, the security device can then query them when a user logs in to the device. The security device VSAs include admin privileges, user groups, and remote L2TP and XAuth IP address, and DNS and WINS server address assignments. There are two RADIUS Dictionary files, one each for the Cisco and Funk Software RADIUS server types.
For more information on the RADIUS type of server, refer to the Concepts & Examples ScreenOS Reference Guide available on the documentation CD that shipped with your Juniper Networks product and also on the Juniper Networks documentation site.