Chapter 7 Tutorials

 

Table 20 User-aware Access Control Example (continued)

 

 

 

 

GROUP (USER)

WEB

WEB

MSN

 

LAN-TO-DMZ

 

 

SURFING

BANDWIDTH

 

ACCESS

 

 

Guest (guest)

Yes

50K

No

 

No

 

 

 

 

 

 

 

 

 

 

Others

No

---

No

 

No

 

 

 

 

 

 

 

 

 

The users are authenticated by an external RADIUS server at 192.168.1.200.

First, set up the user accounts and user groups in the ZyWALL. Then, set up user authentication using the RADIUS server. Finally, set up the policies in the table above.

The ZyWALL has its default settings.

7.7.1 Set Up User Accounts

Set up one user account for each user account in the RADIUS server. If it is possible to export user names from the RADIUS server to a text file, then you might create a script to create the user accounts instead. This example uses the Web Configurator.

1Click Configuration > Object > User/Group > User. Click the Add icon.

2Enter the same user name that is used in the RADIUS server, and set the User Type to ext-userbecause this user account is authenticated by an external server. Click OK.

Figure 100 Configuration > Object > User/Group > User > Add

3Repeat this process to set up the remaining user accounts.

 

145

ZyWALL USG 300 User’s Guide