Chapter 43 Object
ZyWALL USG Series User’s Guide
861
configuring ext-group-user user objects and authentication method objects (see
).
43.10.1 Directory Service (AD/LDAP)
LDAP/AD allows a client (the Zyxel Device) to connect to a server to retrieve information from a
directory. A network example is shown next.
Figure 598
Example: Directory Service Client and Server
The following describes the user authentication procedure via an LDAP/AD server.
1
A user logs in with a user name and password pair.
2
The Zyxel Device tries to bind (or log in) to the LDAP/AD server.
3
When the binding process is successful, the Zyxel Device checks the user information in the directory
against the user name and password pair.
4
If it matches, the user is allowed access. Otherwise, access is blocked.
43.10.2 RADIUS Server
RADIUS (Remote Authentication Dial-In User Service) authentication is a popular protocol used to
authenticate users by means of an external server instead of (or in addition to) an internal device user
database that is limited to the memory capacity of the device. In essence, RADIUS authentication
allows you to validate a large number of users from a central location.
Figure 599
RADIUS Server Network Example
43.10.3 ASAS
ASAS (Authenex Strong Authentication System) is a RADIUS server that works with the One-Time Password
(OTP) feature. Purchase a Zyxel Device OTP package in order to use this feature. The package contains
Summary of Contents for USG110
Page 27: ...27 PART I User s Guide ...
Page 195: ...195 PART II Technical Reference ...
Page 309: ...Chapter 10 Interfaces ZyWALL USG Series User s Guide 309 ...
Page 313: ...Chapter 10 Interfaces ZyWALL USG Series User s Guide 313 ...
Page 358: ...Chapter 10 Interfaces ZyWALL USG Series User s Guide 358 ...
Page 373: ...Chapter 10 Interfaces ZyWALL USG Series User s Guide 373 ...