ZyXEL ZyWALL ATP700 User Guide - Page 715
Auth. Method Overview
View all ZyXEL ZyWALL ATP700 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 715 highlights
Chapter 34 Object Table 295 Configuration > Object > AAA Server > RADIUS > Add (continued) LABEL DESCRIPTION Group Membership Attribute A RADIUS server defines attributes for its accounts. Select the name and number of the attribute that the Zyxel Device is to check to determine to which group a user belongs. If it does not display, select user-defined and specify the attribute's number. This attribute's value is called a group identifier; it determines to which group a user belongs. You can add ext-group-user user objects to identify groups based on these group identifier values. OK Cancel For example you could have an attribute named "memberOf" with values like "sales", "RD", and "management". Then you could also create a ext-group-user user object for each group. One with "sales" as the group identifier, another for "RD" and a third for "management". Click OK to save the changes. Click Cancel to discard the changes. 34.10 Auth. Method Overview Authentication method objects set how the Zyxel Device authenticates wireless, HTTP/HTTPS clients, and peer IPSec routers (extended authentication) clients. Configure authentication method objects to have the Zyxel Device use the local user database, and/or the authentication servers and authentication server groups specified by AAA server objects. By default, user accounts created and stored on the Zyxel Device are authenticated locally. • Use the Configuration > Object > Auth. Method screens (Section 34.10.3 on page 716) to create and manage authentication method objects. • Use the Configuration > Object > Auth. Method > Two-Factor Authentication screen (Section 34.10.4 on page 718) to configure double-layer security to access a secured network behind the Zyxel Device via a VPN tunnel, Web Configurator, SSH, or Telnet. 34.10.1 Before You Begin Configure AAA server objects before you configure authentication method objects. 34.10.2 Example: Selecting a VPN Authentication Method After you set up an authentication method object in the Auth. Method screens, you can use it in the VPN Gateway screen to authenticate VPN users for establishing a VPN connection. Refer to the chapter on VPN for more information. Follow the steps below to specify the authentication method for a VPN connection. 1 Access the Configuration > VPN > IPSec VPN > VPN Gateway > Edit screen. 2 Click Show Advance Setting and select Enable Extended Authentication. 3 Select Server Mode and select an authentication method object from the drop-down list box. 4 Click OK to save the settings. ZyWALL ATP Series User's Guide 715