Chapter 39 AAA Server

Use the Configuration > Object > AAA Server > RADIUS screen (Section 39.3 on page 623) to configure the default external RADIUS server to use for user authentication.

39.1.5What You Need To Know

AAA Servers Supported by the ZyWALL

The following lists the types of authentication server the ZyWALL supports.

Local user database

The ZyWALL uses the built-in local user database to authenticate administrative users logging into the ZyWALL’s Web Configurator or network access users logging into the network through the ZyWALL. You can also use the local user database to authenticate VPN users.

Directory Service (LDAP/AD)

LDAP (Lightweight Directory Access Protocol)/AD (Active Directory) is a directory service that is both a directory and a protocol for controlling access to a network. The directory consists of a database specialized for fast information retrieval and filtering activities. You create and store user profile and login information on the external server.

RADIUS

RADIUS (Remote Authentication Dial-In User Service) authentication is a popular protocol used to authenticate users by means of an external or built-in RADIUS server. RADIUS authentication allows you to validate a large number of users from a central location.

Directory Structure

The directory entries are arranged in a hierarchical order much like a tree structure. Normally, the directory structure reflects the geographical or

 

619

ZyWALL USG 50 User’s Guide