ZyXEL ZYWALL USG 100 User Guide - Page 122
How to Use a RADIUS Server to Authenticate User Accounts based on Groups
View all ZyXEL ZYWALL USG 100 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 122 highlights
Chapter 6 Maintenance 6.2 How to Use a RADIUS Server to Authenticate User Accounts based on Groups The previous example showed how to have a RADIUS server authenticate individual user accounts. If the RADIUS server has different user groups distinguished by the value of a specific attribute, you can make a couple of slight changes in the configuration to have the RADIUS server authenticate groups of user accounts defined in the RADIUS server. 1 Click Configuration > Object > AAA Server > RADIUS. Double-click the radius entry. Besides configuring the RADIUS server's address, authentication port, and key; set the Group Membership Attribute field to the attribute that the ZyWALL is to check to determine to which group a user belongs. This example uses Class. This attribute's value is called a group identifier; it determines to which group a user belongs. In this example the values are Finance, Engineer, Sales, and Boss. 2 Now you add ext-group-user user objects to identify groups based on the group identifier values. Set up one user account for each group of user accounts in the RADIUS server. Click Configuration > Object > User/Group > User. Click the Add icon. Enter a user name and set the User Type to ext-group-user. In the Group Identifier field, enter Finance and set the Associated AAA Server Object to radius. 122 ZyWALL USG100-PLUS User's Guide