User Authentication Overview; What You Need To Know - ZyXEL Communications USG FLEX H Series User Manual

Table 170 User & Authentication > User/Group > Setting (continued)
LABEL
Reach maximum number
per account
User Lockout Settings
Enable logon retry limit
enable
Maximum retry count
Lockout period
Apply
Reset

23.2 User Authentication Overview

This section describes how to set up AAA server and two-factor authentication.
• Use the AAA Server screen (see
server to use for user authentication.
• Use the Two-factor Authentication screen (see
security to access a secured network behind the Zyxel Device.

23.2.1 What You Need To Know

AAA Servers Supported by the Zyxel Device
The following lists the types of authentication server the Zyxel Device supports.
• Local user database
The Zyxel Device uses the built-in local user database to authenticate administrative users logging into
the Zyxel Device's Web Configurator or network access users logging into the network through the
Zyxel Device. You can also use the local user database to authenticate VPN users.
• RADIUS
RADIUS (Remote Authentication Dial-In User Service) authentication is a popular protocol used to
authenticate users by means of an external or built-in RADIUS server. RADIUS authentication allows
you to validate a large number of users from a central location.
Chapter 23 User & Authentication
DESCRIPTION
Set the action the Zyxel Device will take when the limit you set for the numbers
of simultaneous logins by admin users or non-admin users has exceeded.
Select Block to have the Zyxel Device block any accounts that try to log in.
Select Remove previous user and login to have the Zyxel Device remove the
most recently login account
Enable to set a limit on the number of times each user can login unsuccessfully
(for example, wrong password) before the IP address is locked out for a
specified amount of time.
This field is effective when Enable logon retry limit is checked. Type the
maximum number of times each user can login unsuccessfully before the IP
address is locked out for the specified lockout period. The number must be
between 1 and 99.
This field is effective when Enable logon retry limit is checked. Type the number
of minutes the user must wait to try to login again, if logon retry limit is enabled
and the maximum retry count is reached. This number must be between 1 and
65,535 (about 45.5 days).
Click Apply to save the changes.
Click Reset to return the screen to its last-saved settings.
Section 23.3 on page
Section 23.4 on page
USG FLEX H Series User's Guide
342
343) to configure the default external RADIUS
347) to have double-layer