Chapter 39 AAA Server

Table 193 Configuration > Object > AAA Server > RADIUS > Add (continued)

LABEL

DESCRIPTION

Timeout

Specify the timeout period (between 1 and 300 seconds) before the

 

ZyWALL disconnects from the RADIUS server. In this case, user

 

authentication fails.

 

Search timeout occurs when either the user information is not in the

 

RADIUS server or the RADIUS server is down.

 

 

Key

Enter a password (up to 15 alphanumeric characters) as the key to be

 

shared between the external authentication server and the ZyWALL.

 

The key is not sent over the network. This key must be the same on the

 

external authentication server and the ZyWALL.

 

 

Group

A RADIUS server defines attributes for its accounts. Select the name and

Membership

number of the attribute that the ZyWALL is to check to determine to

Attribute

which group a user belongs. If it does not display, select user-defined

 

and specify the attribute’s number.

 

This attribute’s value is called a group identifier; it determines to which

 

group a user belongs. You can add ext-group-useruser objects to

 

identify groups based on these group identifier values.

 

For example you could have an attribute named “memberOf” with values

 

like “sales”, “RD”, and “management”. Then you could also create a ext-

 

group-useruser object for each group. One with “sales” as the group

 

identifier, another for “RD” and a third for “management”.

 

 

OK

Click OK to save the changes.

 

 

Cancel

Click Cancel to discard the changes.

 

 

626

 

ZyWALL USG 50 User’s Guide