ZyXEL Communications unified security gateway 6.6.1 User/Group

OBJECT

WHERE USED

user/group

See the User/Group section on page 104 for details on users and user

groups.

address

VPN connections (local / remote network, NAT), policy routes

(criteria, next-hop [HOST], NAT), authentication policies, firewall,

content filter, NAT (HOST), user settings (force user authentication),

address groups, remote management (System)

address group

Policy routes (criteria), firewall, content filter, user settings (force

user authentication), address groups, remote management (System)

service, service

Policy routes (criteria, port triggering), firewall, service groups, log

group

(criteria)

schedule

Policy routes (criteria), authentication policies, firewall, content filter,

user settings (force user authentication)

AAA server

Authentication methods

authentication

VPN gateways (extended authentication), WWW (client

methods

authentication)

certificates

VPN gateways, WWW, SSH, FTP

SSL Application

SSL VPN

Endpoint Security

Authentication policies, SSL VPN

TYPE

ABILITIES

admin

Change ZyWALL configuration (web, CLI)

limited-admin

Look at ZyWALL configuration (web)

user

Access network services, browse user-mode commands (CLI)

guest

Access network services

ext-user

The same as a user or a guest except the ZyWALL looks for the

specific type in an external authentication server. If the type is not

available, the ZyWALL applies default settings.

ext-group-user

External group user account.

MENU ITEM(S)

Object > User/Group

PREREQUISITES

Addresses, address groups, schedules. The prerequisites are only

used in policies to force user authentication

104

ZyWALL USG 20/20W User’s Guide