ZyXEL Communications UAG4100 User Manual page 231
Unified access gateway
Hide thumbs
Also See for UAG4100:
- User manual (451 pages) ,
- Application note (67 pages) ,
- Support notes (60 pages)
Table of Contents
Advertisement
In the Web Authentication Policy Summary section, click the Add icon.
4
Set up a default policy that forces every user to log into the UAG before the UAG routes traffic for
5
them. Select Enable Policy. Set the Authentication field to required, and make sure Force
User Authentication is selected. Keep the rest of the default settings, and click OK.
Note: The users must log in at the Web Configurator login screen before they can use
HTTP or MSN.
Figure 155 Configuration > Web Authentication > Add
When the users try to browse the web (or use any HTTP application), the login screen appears.
They have to log in using the user name and password in the RADIUS server.
24.2.2.4 User Group Authentication Using the RADIUS Server
The previous example showed how to have a RADIUS server authenticate individual user accounts.
If the RADIUS server has different user groups distinguished by the value of a specific attribute,
you can make a couple of slight changes in the configuration to have the RADIUS server
authenticate groups of user accounts defined in the RADIUS server.
Click Configuration > Object > AAA Server > RADIUS. Double-click the radius entry. Besides
1
configuring the RADIUS server's address, authentication port, and key; set the Group
Membership Attribute field to the attribute that the UAG is to check to determine to which group
a user belongs. This example uses Class. This attribute's value is called a group identifier; it
determines to which group a user belongs. In this example the values are Finance, Engineer, Sales,
and Boss.
Chapter 24 Web Authentication
UAG4100 User's Guide
231
Advertisement
Table of Contents
Troubleshooting
