Radius Server Overview; Asas; What You Can Do Using The Aaa Screens - ZyXEL Communications ZyWall USG 2000 User Manual

Chapter 41 AAA Server

41.1.2 RADIUS Server Overview

RADIUS (Remote Authentication Dial-In User Service) authentication is a popular
protocol used to authenticate users by means of an external server instead of (or
in addition to) an internal device user database that is limited to the memory
capacity of the device. In essence, RADIUS authentication allows you to validate a
large number of users from a central location.
Figure 434 RADIUS Server Network Example

41.1.3 ASAS

ASAS (Authenex Strong Authentication System) is a RADIUS server that works
with the One-Time Password (OTP) feature. Purchase a ZyWALL OTP package in
order to use this feature. The package contains server software and physical OTP
tokens (PIN generators). Do the following to use OTP. See the documentation
included on the ASAS' CD for details.
Install the ASAS server software on a computer.
1
Create user accounts on the ZyWALL and in the ASAS server.
2
Import each token's database file (located on the included CD) into the server.
3
Assign users to OTP tokens (on the ASAS server).
4
Configure the ASAS as a RADIUS server in the ZyWALL's Object > AAA Server
5
screens.
Give the OTP tokens to (local or remote) users.
6

41.1.4 What You Can Do Using The AAA Screens

• Use the Object > AAA Server > Active Directory (or LDAP) screens
41.2.1 on page
settings.
• Use the Object > AAA Server > RADIUS screen
to configure the default external RADIUS server to use for user authentication.
650
653) to configure the Active Directory or LDAP default server
(Section
(Section 41.4 on page
ZyWALL USG 2000 User's Guide
656)