Network Security - Set the source address for all route engine generated traffic - accounting tacplus-server

Information

Many services (NTP, SNMP, RADIUS, etc.) can be configured with a source-address option which allows you to statically configure the source address to use for communication. In those circumstances the source address becomes the one that is specified with the source-address argument (provided the address is a valid address specified on the interface of a router), otherwise default-address-selection influences the default source address selection.

Solution

Configure source address for tacplus server accounting traffic.

user@host# edit system accounting destination tacplus server <SERVER_ADDRESS>
user@host# set source-address <IP_ADDRESS>

See Also

http://www.juniper.net/us/en/training/jnbooks/day-one/fundamentals-series/hardening-junos-devices-checklist/

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-2

Plugin: Juniper

Control ID: dea3427215079790cd7f1cef4e7c6292c17050fa174104d50833217d339f87a6