Directory Service (Ad/Ldap); Radius Server; Asas - ZyXEL Communications USG40 User Manual
Usg series
Hide thumbs
Also See for USG40:
- User manual (994 pages) ,
- Handbook (810 pages) ,
- Reference manual (665 pages)
Table of Contents
Advertisement
AAA server objects in configuring ext-group-user user objects and authentication method objects
(see
Chapter 32 on page
32.8.1 Directory Service (AD/LDAP)
LDAP/AD allows a client (the ZyWALL/USG) to connect to a server to retrieve information from a
directory. A network example is shown next.
Figure 380 Example: Directory Service Client and Server
The following describes the user authentication procedure via an LDAP/AD server.
A user logs in with a user name and password pair.
1
The ZyWALL/USG tries to bind (or log in) to the LDAP/AD server.
2
When the binding process is successful, the ZyWALL/USG checks the user information in the
3
directory against the user name and password pair.
If it matches, the user is allowed access. Otherwise, access is blocked.
4
32.8.2 RADIUS Server
RADIUS (Remote Authentication Dial-In User Service) authentication is a popular protocol used to
authenticate users by means of an external server instead of (or in addition to) an internal device
user database that is limited to the memory capacity of the device. In essence, RADIUS
authentication allows you to validate a large number of users from a central location.
Figure 381 RADIUS Server Network Example
32.8.3 ASAS
ASAS (Authenex Strong Authentication System) is a RADIUS server that works with the One-Time
Password (OTP) feature. Purchase a ZyWALL/USG OTP package in order to use this feature. The
Chapter 32 Object
576).
ZyWALL/USG Series User's Guide
568
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
