Figure 389 Example: Directory Service Client And Server; User Authentication Method; Directory Service (Ad/Ldap) Overview; Directory Structure - ZyXEL Communications Unified Security Gateway ZyWALL 300 User Manual

Chapter 38 AAA Server
5 Configure the ASAS as a RADIUS server in the ZyWALL's Object > AAA Server
screens.
6 Give the OTP tokens to (local or remote) users.

38.1.2 User Authentication Method

You can select to authenticate users using the local user database and/or a specified
authentication server. By default, user accounts created and stored on the ZyWALL are
authenticated locally.

38.2 Directory Service (AD/LDAP) Overview

LDAP/AD allows a client (the ZyWALL) to connect to a server to retrieve information from a
directory. A network example is shown next.

Figure 389 Example: Directory Service Client and Server

The following describes the user authentication procedure via an LDAP/AD server.
1 A user logs in with a user name and password pair.
2 The ZyWALL tries to bind (or log in) to the LDAP/AD server.
3 When the binding process is successful, the ZyWALL checks the user information in the
directory against the user name and password pair.
4 If it matches, the user is allowed access. Otherwise, access is blocked.

38.2.1 Directory Structure

The directory entries are arranged in a hierarchical order much like a tree structure. Normally,
the directory structure reflects the geographical or organizational boundaries. The following
figure shows a basic directory structure branching from countries to organizations to
organizational units to individuals.
532
ZyWALL USG 300 User's Guide