Chapter 6 Tutorials
6.5 How to Configure User-aware Access Control
You can configure many policies and security settings for specific users or groups of users. This is illustrated in the following example, where you will set up the following policies. This is a simple example that does not include priorities for different types of traffic. See Bandwidth Management on page 444 for more on bandwidth management.
Table 31
GROUP (USER) | WEB SURFING | WEB | MSN | |
BANDWIDTH | ACCESS | |||
Finance (Leo) | Yes | 200K | No | Yes |
|
|
|
|
|
Engineer (Steven) | Yes | 100K | No | No |
|
|
|
|
|
Sales (Debbie) | Yes | 100K | Yes | Yes |
|
|
|
|
|
Boss (Andy) | Yes | 100K | Yes | Yes |
|
|
|
|
|
Guest (guest) | Yes | 50K | No | No |
|
|
|
|
|
Others | No | No | No | |
|
|
|
|
|
The users are authenticated by an external RADIUS server at 192.168.1.200.
First, set up the user accounts and user groups in the ZyWALL. Then, set up user authentication using the RADIUS server. Finally, set up the policies in the table above.
The ZyWALL has its default settings.
6.5.1 How to Set Up User Accounts
Set up one user account for each user account in the RADIUS server. If it is possible to export user names from the RADIUS server to a text file, then you might create a script to create the user accounts instead. This example uses the web configurator.
1Click Object > User/Group > User. Click the Add icon.
2Enter the same user name that is used in the RADIUS server, and set the User Type to
Figure 84 Object > User/Group > User > Add
3Repeat this process to set up the remaining user accounts.
6.5.2How to Set Up User Groups
Set up the user groups and assign the users to the user groups.
1Click Object > User/Group > Group. Click the Add icon.
148 |
| |
ZyWALL USG 100/200 Series User’s Guide |
| |
|
|
|