Aaa Server Overview; Directory Service (Ad/Ldap); Radius Server - ZyXEL Communications ZyWall ATP series User Manual

Table 273 Configuration > Schedule > Schedule Group > Add
LABEL
OK
Cancel

34.9 AAA Server Overview

You can use a AAA (Authentication, Authorization, Accounting) server to provide access control to your
network. The AAA server can be a Active Directory, LDAP, or RADIUS server. Use the AAA Server screens
to create and manage objects that contain settings for using AAA servers. You use AAA server objects in
configuring ext-group-user user objects and authentication method objects (see
647).

34.9.1 Directory Service (AD/LDAP)

LDAP/AD allows a client (the Zyxel Device) to connect to a server to retrieve information from a
directory. A network example is shown next.
Figure 418 Example: Directory Service Client and Server
The following describes the user authentication procedure via an LDAP/AD server.
A user logs in with a user name and password pair.
1
The Zyxel Device tries to bind (or log in) to the LDAP/AD server.
2
When the binding process is successful, the Zyxel Device checks the user information in the directory
3
against the user name and password pair.
If it matches, the user is allowed access. Otherwise, access is blocked.
4

34.9.2 RADIUS Server

RADIUS (Remote Authentication Dial-In User Service) authentication is a popular protocol used to
authenticate users by means of an external server instead of (or in addition to) an internal device user
database that is limited to the memory capacity of the device. In essence, RADIUS authentication
allows you to validate a large number of users from a central location.
Chapter 34 Object
DESCRIPTION
Click OK to save your changes back to the Zyxel Device.
Click Cancel to exit this screen without saving your changes.
ZyWALL ATP Series User's Guide
638
Chapter 34 on page