ZyXEL Communications unified security gateway manual 261

LABEL

DESCRIPTION

Authentication

Select what the ZyWALL uses to authenticate the wireless clients.

Type

Select Auth Method to be able to specify an authentication method

object that you have already configured. The authentication method

can have the ZyWALL check a user’s user name and password against

the ZyWALL’s local database, a remote LDAP, RADIUS, a Active

Directory server, or more than one of these. See Chapter 38 on page

583 for how to create authentication method objects.

Select Auth Server to be able to manually specify a RADIUS server’s

settings in this screen instead of using an authentication method

object.

Authentication

This field displays if you set the Authentication Type field to Auth

Method

Method.

Select an authentication method object that defines how the ZyWALL

authenticates a wireless user. The ZyWALL’s default configuration also

includes an authentication method object named “default” that you

can use. You can configure the “default” authentication method object,

but it’s default configuration uses the ZyWALL’s local database for

authentication.

TTLS Certificate

This field displays if you select Authentication Method. Select the

certificate the ZyWALL uses to authenticate itself to the wireless

clients. The certificates you can select from are the ones already

configured in the My Certificates screen.

EAP-TTLS (Tunneled Transport Layer Service) is an extension of the

EAP-TLS authentication that uses certificates for only the server-side

authentications to establish a secure connection.

The wireless clients must use TTLS authentication protocol and PAP

inside the TTLS secure tunnel.

The RADIUS fields display if you set the Authentication Type field to

Auth Server.

Radius Server IP

Enter the IP address of the external authentication server in dotted

Address

decimal notation.

261

ZyWALL USG 20/20W User’s Guide