Chapter 43 Object
ZyWALL USG Series User’s Guide
873
Via a VPN tunnel
1
A user runs a VPN client and logs in with the user name and password for this VPN tunnel.
2
The VPN tunnel is created from the VPN client device to the Zyxel Device.
3
The Zyxel Device requests the user’s user-name, password and mobile phone number or email address
from the Active Directory, RADIUS server or local Zyxel Device database in order to authenticate this
user's use of the VPN tunnel (factor 1). If they are not found, then the Zyxel Device terminates the VPN
tunnel.
4
If all correct credentials are found, then the Zyxel Device will request the Cloud SMS system to send an
authorization SMS or email to the client requesting VPN access (factor 2).
5
The client should access the authorization link sent via SMS or email by the Cloud SMS system within a
specified deadline (
Valid Time
).
6
If the authorization is correct and received on time, then the client can have VPN access to the secured
network. If the authorization deadline has expired, then the client will have to run the VPN client again. If
authorization credentials are incorrect or if the SMS/email was not received, then the client must check
with the network administrator.
Via the Web Configurator, SSH, or Telnet
1
An admin user is trying to log into the Zyxel Device using the Web Configurator, SSH, or Telnet.
2
The Zyxel Device requests the admin user’s user-name, password and mobile phone number or email
address from the Active Directory, RADIUS server or local Zyxel Device database in order to
authenticate this admin user.
3
If all correct credentials are found, then the Zyxel Device will request the Cloud SMS system to send an
authorization SMS or email to the admin user.
4
The admin user should access the authorization link sent via SMS or email by the Cloud SMS system within
a specified deadline (
Valid Time
).
5
If the authorization is correct and received on time, then the client can access to the secured network.
If the authorization deadline has expired, then the admin user will have to try again. If authorization
credentials are incorrect or if the SMS/email was not received, then the admin user must check with the
network administrator.
43.11.4.2 Pre-configuration
Before configuration, you must:
• Set up the user’s user-name, password and email address or mobile number in the Active Directory,
RADIUS server or local Zyxel Device database
• Configure the VPN tunnel for this user on the Zyxel Device
• Have an account with ViaNett to be able to send SMS authorization requests
• Enable
HTTP
and/or
HTTPS
in
System > WWW > Service Control
• Enable SSH and/or Telnet in
System > SSH
and/or
System > TELNET
• Configure
SMS
in
System > Notification > SMS
and a mail server
in System > Notification > Mail Server
.
Summary of Contents for USG110
Page 27: ...27 PART I User s Guide ...
Page 195: ...195 PART II Technical Reference ...
Page 309: ...Chapter 10 Interfaces ZyWALL USG Series User s Guide 309 ...
Page 313: ...Chapter 10 Interfaces ZyWALL USG Series User s Guide 313 ...
Page 358: ...Chapter 10 Interfaces ZyWALL USG Series User s Guide 358 ...
Page 373: ...Chapter 10 Interfaces ZyWALL USG Series User s Guide 373 ...