ZyXEL Communications UAG5100 User Manual page 326
Unified access gateway
Hide thumbs
Also See for UAG5100:
- User manual (617 pages) ,
- Firmware release notes (29 pages) ,
- Quick start manual (2 pages)
Table of Contents
Advertisement
Note: The default admin account is always authenticated locally, regardless of the
authentication method setting. (See
about authentication methods.)
Ext-User Accounts
Set up an ext-user account if the user is authenticated by an external server and you want to set
up specific policies for this user in the UAG. If you do not want to set up policies for this user, you
do not have to set up an ext-user account.
All ext-user users should be authenticated by an external server, such as RADIUS. If the UAG tries
to use the local database to authenticate an ext-user, the authentication attempt always fails.
(This is related to AAA servers and authentication methods, which are discussed in
page 368
and
Chapter 38 on page
Note: If the UAG tries to authenticate an ext-user using the local database, the attempt
always fails.
Once an ext-user user has been authenticated, the UAG tries to get the user type (see
on page
325) from the external server. If the external server does not have the information, the
UAG sets the user type for this session to User.
For the rest of the user attributes, such as reauthentication time, the UAG checks the following
places, in order.
User account in the remote server.
1
User account (Ext-User) in the UAG.
2
Default user account for RADIUS users (radius-users) in the UAG.
3
See
Setting up User Attributes in an External Server on page 337
set up the attributes in an external server.
Ext-Group-User Accounts
Ext-Group-User accounts are similar to ext-user accounts but allow you to group users by the
value of the group membership attribute configured for the RADIUS server. See
page 369
for more on the group membership attribute.
Dynamic-Guest Accounts
Dynamic guest accounts are guest accounts, but are created dynamically and stored in the UAG's
local user database. A dynamic guest account has a dynamically-created user name and password.
A dynamic guest account user can access the UAG's services only within a given period of time and
will become invalid after the expiration date/time.
There are three types of dynamic guest accounts depending on how they are created or
authenticated: billing-users, ua-users and trial-users.
billing-users are guest account created with the guest manager account or an external printer and
paid by cash or created and paid via the on-line payment service. ua-users are users that log in
Chapter 32 User/Group
Chapter 38 on page 372
372, respectively.)
UAG5100 User's Guide
326
for more information
Chapter 37 on
Table 143
for a list of attributes and how to
Section 37.2.1 on
Advertisement
Table of Contents
Troubleshooting
