![](/images/backgrounds/126970/126970-902625x1.png)
39
AAA Server
39.1 Overview
You can use a AAA (Authentication, Authorization, Accounting) server to provide access control to your network. The AAA server can be a Active Directory, LDAP, or RADIUS server. Use the AAA Server screens to create and manage objects that contain settings for using individual AAA servers or groups of AAA servers. You use AAA server objects in configuring authentication method objects (see Chapter 40 on page 635).
39.1.1 Directory Service (AD/LDAP) Overview
LDAP/AD allows a client (the ZyWALL) to connect to a server to retrieve information from a directory. A network example is shown next.
Figure 461 Example: Directory Service Client and Server
The following describes the user authentication procedure via an LDAP/AD server.
1A user logs in with a user name and password pair.
2The ZyWALL tries to bind (or log in) to the LDAP/AD server.
3When the binding process is successful, the ZyWALL checks the user information in the directory against the user name and password pair.
4If it matches, the user is allowed access. Otherwise, access is blocked.
39.1.2RADIUS Server Overview
RADIUS (Remote Authentication
| 625 |
ZyWALL USG 100/200 Series User’s Guide | |
|
|