Zyxel ZyWALL-USG50 Router Manual PDF (Setup & Configuration Guide)

Page 591 / 944 Scroll up to view Page 586 - 590

Chapter 35 User/Group

ZyWALL USG 50 User’s Guide

591

35.4

Setting Screen

The

Setting

screen controls default settings, login settings, lockout settings, and

other user settings for the ZyWALL. You can also use this screen to specify when

users must log in to the ZyWALL before it routes traffic for them.

Member List

The

Member

list displays the names of the users and user groups that

have been added to the user group. The order of members is not

important. Select users and groups from the

Available

list that you

want to be members of this group and move them to the

Member

list.

You can double-click a single entry to move it or use the [Shift] or [Ctrl]

key to select multiple entries and use the arrow button to move them.

Move any members you do not want included to the

Available

list.

OK

Click

OK

to save your changes back to the ZyWALL.

Cancel

Click

Cancel

to exit this screen without saving your changes.

Table 174

Configuration > User/Group > Group > Add (continued)

LABEL

DESCRIPTION

Page 592 / 944

Chapter 35 User/Group

ZyWALL USG 50 User’s Guide

592

To access this screen, login to the Web Configurator, and click

Configuration >

Object > User/Group > Setting

.

Figure 338

Configuration > Object > User/Group > Setting

The following table describes the labels in this screen.

Table 175

Configuration > Object > User/Group > Setting

LABEL

DESCRIPTION

User Authentication

Timeout Settings

Default Authentication

Timeout Settings

These authentication timeout settings are used by default

when you create a new user account. They also control the

settings for any existing user accounts that are set to use the

default settings. You can still manually configure any user

account’s authentication timeout settings.

Edit

Double-click an entry or select it and click

Edit

to open a

screen where you can modify the entry’s settings.

#

This field is a sequential value, and it is not associated with a

specific entry.

Page 593 / 944

Chapter 35 User/Group

ZyWALL USG 50 User’s Guide

593

User Type

These are the kinds of user account the ZyWALL supports.

•

admin

- this user can look at and change the configuration

of the ZyWALL

•

limited-admin

- this user can look at the configuration of

the ZyWALL but not to change it

•

user

- this user has access to the ZyWALL’s services but

cannot look at the configuration

•

guest

- this user has access to the ZyWALL’s services but

cannot look at the configuration

•

ext-user

- this user account is maintained in a remote

server, such as RADIUS or LDAP. See

Ext-User Accounts on

page 584

for more information about this type.

•

ext-group-user

- this user account is maintained in a

remote server, such as RADIUS or LDAP. See

Ext-Group-

User Accounts on page 585

for more information about this

type.

Lease Time

This is the default lease time in minutes for each type of user

account. It defines the number of minutes the user has to

renew the current session before the user is logged out.

Admin users renew the session every time the main screen

refreshes in the Web Configurator. Access users can renew the

session by clicking the

Renew

button on their screen. If you

allow access users to renew time automatically (see

Section

35.4 on page 591

), the users can select this check box on their

screen as well. In this case, the session is automatically

renewed before the lease time expires.

Reauthentication

Time

This is the default reauthentication time in minutes for each

type of user account. It defines the number of minutes the

user can be logged into the ZyWALL in one session before

having to log in again. Unlike

Lease Time

, the user has no

opportunity to renew the session without logging out.

Miscellaneous Settings

Allow renewing lease

time automatically

Select this check box if access users can renew lease time

automatically, as well as manually, simply by selecting the

Updating lease time automatically

check box on their

screen.

Enable user idle

detection

This is applicable for access users.

Select this check box if you want the ZyWALL to monitor how

long each access user is logged in and idle (in other words,

there is no traffic for this access user). The ZyWALL

automatically logs out the access user once the

User idle

timeout

has been reached.

User idle timeout

This is applicable for access users.

This field is effective when

Enable user idle detection

is

checked. Type the number of minutes each access user can be

logged in and idle before the ZyWALL automatically logs out

the access user.

User Logon Settings

Table 175

Configuration > Object > User/Group > Setting (continued)

LABEL

DESCRIPTION

Page 594 / 944

Chapter 35 User/Group

ZyWALL USG 50 User’s Guide

594

35.4.1

Default User Authentication Timeout Settings Edit

Screens

The

Default Authentication Timeout Settings Edit

screen allows you to set the

default authentication timeout settings for the selected type of user account.

These default authentication timeout settings also control the settings for any

existing user accounts that are set to use the default settings. You can still

manually configure any user account’s authentication timeout settings.

Limit the number of

simultaneous logons

for administration

account

Select this check box if you want to set a limit on the number

of simultaneous logins by admin users. If you do not select

this, admin users can login as many times as they want at the

same time using the same or different IP addresses.

Maximum number per

administration

account

This field is effective when

Limit ... for administration

account

is checked. Type the maximum number of

simultaneous logins by each admin user.

Limit the number of

simultaneous logons

for access account

Select this check box if you want to set a limit on the number

of simultaneous logins by non-admin users. If you do not

select this, access users can login as many times as they want

as long as they use different IP addresses.

Maximum number per

access account

This field is effective when

Limit ... for access account

is

checked. Type the maximum number of simultaneous logins by

each access user.

User Lockout Settings

Enable logon retry

limit

Select this check box to set a limit on the number of times

each user can login unsuccessfully (for example, wrong

password) before the IP address is locked out for a specified

amount of time.

Maximum retry count

This field is effective when

Enable logon retry limit

is

checked. Type the maximum number of times each user can

login unsuccessfully before the IP address is locked out for the

specified

lockout period

. The number must be between 1 and

99.

Lockout period

This field is effective when

Enable logon retry limit

is

checked. Type the number of minutes the user must wait to try

to login again, if

logon retry limit

is enabled and the

maximum retry count

is reached. This number must be

between 1 and 65,535 (about 45.5 days).

Apply

Click

Apply

to save the changes.

Reset

Click

Reset

to return the screen to its last-saved settings.

Table 175

Configuration > Object > User/Group > Setting (continued)

LABEL

DESCRIPTION

Page 595 / 944

Chapter 35 User/Group

ZyWALL USG 50 User’s Guide

595

To access this screen, go to the

Configuration > Object > User/Group >

Setting

screen (see

Section 35.4 on page 591

), and click one of the

Default

Authentication Timeout Settings

section’s

Edit

icons.

Figure 339

Configuration > Object > User/Group > Setting > Edit

The following table describes the labels in this screen.

Table 176

Configuration > Object > User/Group > Setting > Edit

LABEL

DESCRIPTION

User Type

This read-only field identifies the type of user account for which you

are configuring the default settings.

•

admin

- this user can look at and change the configuration of the

ZyWALL

•

limited-admin

- this user can look at the configuration of the

ZyWALL but not to change it

•

user

- this user has access to the ZyWALL’s services but cannot

look at the configuration

•

ext-user

- this user account is maintained in a remote server, such

as RADIUS or LDAP. See

Ext-User Accounts on page 584

for more

information about this type.

•

ext-group-user

- this user account is maintained in a remote

server, such as RADIUS or LDAP. See

Ext-Group-User Accounts on

page 585

for more information about this type.

Lease Time

Enter the number of minutes this type of user account has to renew

the current session before the user is logged out. You can specify 1 to

1440 minutes. You can enter 0 to make the number of minutes

unlimited.

Admin users renew the session every time the main screen refreshes

in the Web Configurator. Access users can renew the session by

clicking the

Renew

button on their screen. If you allow access users

to renew time automatically (see

Section 35.4 on page 591

), the users

can select this check box on their screen as well. In this case, the

session is automatically renewed before the lease time expires.

Reauthentication

Time

Type the number of minutes this type of user account can be logged

into the ZyWALL in one session before the user has to log in again. You

can specify 1 to 1440 minutes. You can enter 0 to make the number of

minutes unlimited. Unlike

Lease Time

, the user has no opportunity to

renew the session without logging out.

OK

Click

OK

to save your changes back to the ZyWALL.

Cancel

Click

Cancel

to exit this screen without saving your changes.

Rate

Popular Zyxel Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share