ZyXEL UAG715 User Guide - Page 382
AAA Server
View all ZyXEL UAG715 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 382 highlights
CHAPTER 33 AAA Server 33.1 Overview You can use a AAA (Authentication, Authorization, Accounting) server to provide access control to your network. The AAA server can be a Active Directory, LDAP, or RADIUS server. Use the AAA Server screens to create and manage objects that contain settings for using AAA servers. You use AAA server objects in configuring ext-group-user user objects and authentication method objects (see Chapter 34 on page 390). 33.1.1 Directory Service (AD/LDAP) LDAP/AD allows a client (the UAG) to connect to a server to retrieve information from a directory. A network example is shown next. Figure 253 Example: Directory Service Client and Server The following describes the user authentication procedure via an LDAP/AD server. 1 A user logs in with a user name and password pair. 2 The UAG tries to bind (or log in) to the LDAP/AD server. 3 When the binding process is successful, the UAG checks the user information in the directory against the user name and password pair. 4 If it matches, the user is allowed access. Otherwise, access is blocked. 33.1.2 RADIUS Server RADIUS (Remote Authentication Dial-In User Service) authentication is a popular protocol used to authenticate users by means of an external server instead of (or in addition to) an internal device user database that is limited to the memory capacity of the device. In essence, RADIUS authentication allows you to validate a large number of users from a central location. UAG715 User's Guide 382