Chapter 6 Configuration Basics

The following table introduces the objects. You can also use this table when you want to delete an object because you have to delete references to the object first.

Table 16 Objects Overview

OBJECT

WHERE USED

user/group

See the User/Group section on page 104 for details on users and user

 

groups.

 

 

address

VPN connections (local / remote network, NAT), policy routes

 

(criteria, next-hop [HOST], NAT), authentication policies, firewall,

 

content filter, NAT (HOST), user settings (force user authentication),

 

address groups, remote management (System)

 

 

address group

Policy routes (criteria), firewall, content filter, user settings (force

 

user authentication), address groups, remote management (System)

 

 

service, service

Policy routes (criteria, port triggering), firewall, service groups, log

group

(criteria)

 

 

schedule

Policy routes (criteria), authentication policies, firewall, content filter,

 

user settings (force user authentication)

 

 

AAA server

Authentication methods

 

 

authentication

VPN gateways (extended authentication), WWW (client

methods

authentication)

 

 

certificates

VPN gateways, WWW, SSH, FTP

 

 

SSL Application

SSL VPN

 

 

Endpoint Security

Authentication policies, SSL VPN

 

 

6.6.1 User/Group

Use these screens to configure the ZyWALL’s administrator and user accounts. The ZyWALL provides the following user types.

Table 17 User Types

TYPE

ABILITIES

admin

Change ZyWALL configuration (web, CLI)

 

 

limited-admin

Look at ZyWALL configuration (web)

 

 

user

Access network services, browse user-mode commands (CLI)

 

 

guest

Access network services

 

 

ext-user

The same as a user or a guest except the ZyWALL looks for the

 

specific type in an external authentication server. If the type is not

 

available, the ZyWALL applies default settings.

 

 

ext-group-user

External group user account.

 

 

If you want to force users to log in to the ZyWALL before the ZyWALL routes traffic for them, you might have to configure prerequisites first.

MENU ITEM(S)

Object > User/Group

PREREQUISITES

Addresses, address groups, schedules. The prerequisites are only

used in policies to force user authentication

 

 

104

 

ZyWALL USG 20/20W User’s Guide