Chapter 21 Authentication Policy
ZyWALL USG 50 User’s Guide
Click Configuration > Auth. Policy to display the screen.

Figure 211 Configuration > Auth. Policy
The following table gives an overview of the objects you can configure.
Table 101 Configuration > Auth. Policy

LABEL: DESCRIPTION

Enable Authentication Policy: Select this to turn on the authentication policy feature.

Exceptional Services: Use this table to list services that users can access without logging in. Click Add to change the list’s membership. A screen appears. Available services appear on the left. Select any services you want users to be able to access without logging in and click the right arrow button to add them. The member services are on the right. Select any service that you want to remove from the member list, and click the left arrow button to remove it. Keeping DNS as a member allows users’ computers to resolve domain names into IP addresses.

Figure 212 Configuration > Auth. Policy > Add Exceptional Service

In the table, select one or more entries and click Remove to delete it or them.

Authentication Policy Summary: Use this table to manage the ZyWALL’s list of authentication policies.

Add: Click this to create a new entry. Select an entry and click Add to create a new entry after the selected entry.

Edit: Double-click an entry or select it and click Edit to open a screen where you can modify the entry’s settings.

Remove: To remove an entry, select it and click Remove. The ZyWALL confirms you want to remove it before doing so.

Activate: To turn on an entry, select it and click Activate.

Inactivate: To turn off an entry, select it and click Inactivate.

Move: To move an entry to a different number in the list, click the Move icon. In the field that appears, specify the number to which you want to move the interface.
Status: This icon is lit when the entry is active and dimmed when the entry is inactive.

Priority: This is the position of the authentication policy in the list. The priority is important as the policies are applied in order of priority. Default displays for the default authentication policy that the ZyWALL uses on traffic that does not match any exceptional service or other authentication policy. You can edit the default rule but not delete it.

Source: This displays the source address object to which this policy applies.

Destination: This displays the destination address object to which this policy applies.

Schedule: This field displays the schedule object that dictates when the policy applies. none means the policy is active at all times if enabled.

Authentication: This field displays the authentication requirement for users when their traffic matches this policy. This is n/a for the default policy.
unnecessary - Users do not need to be authenticated.
required - Users need to be authenticated. They must manually go to the login screen. The ZyWALL will not redirect them to the login screen.
force - Users need to be authenticated. The ZyWALL automatically displays the login screen whenever it routes HTTP traffic for users who have not logged in yet.

EPS: This lists any endpoint security objects the policy uses.

Description: If the entry has a description configured, it displays here.

Apply: Click this button to save your changes to the ZyWALL.

Reset: Click this button to return the screen to its last-saved settings.

21.2.1 Creating/Editing an Authentication Policy

Click Configuration > Auth. Policy and then the Add (or Edit) icon to open the Endpoint Security Edit screen. Use this screen to configure an authentication policy.
Figure 213 Configuration > Auth. Policy > Add
The following table gives an overview of the objects you can configure.
Table 102 Configuration > Auth. Policy > Add

LABEL: DESCRIPTION

Create new Object: Use to configure any new settings objects that you need to use in this screen.

Enable Policy: Select this check box to activate the authentication policy. This field is available for user-configured policies.

Description: Enter a descriptive name of up to 60 printable ASCII characters for the policy. Spaces are allowed. This field is available for user-configured policies.

User Authentication Policy: Use this section of the screen to determine which traffic requires (or does not require) the senders to be authenticated in order to be routed.

Source Address: Select a source address or address group for whom this policy applies. Select any if the policy is effective for every source. This is any and not configurable for the default policy.

Destination Address: Select a destination address or address group for whom this policy applies. Select any if the policy is effective for every destination. This is any and not configurable for the default policy.
Schedule: Select a schedule that defines when the policy applies. Otherwise, select none and the rule is always effective. This is none and not configurable for the default policy.

Authentication: Select the authentication requirement for users when their traffic matches this policy.
unnecessary - Users do not need to be authenticated.
required - Users need to be authenticated. They must manually go to the login screen. The ZyWALL will not redirect them to the login screen.

Log: This field is available for the default policy. Select whether to have the ZyWALL generate a log (log), log and alert (log alert) or not (no) for packets that match the default policy. See Chapter 46 on page 723 for more on logs.

Force User Authentication: This field is available for user-configured policies that require authentication. Select this to have the ZyWALL automatically display the login screen when users who have not logged in yet try to send HTTP traffic.

Endpoint Security (EPS): These fields display when you set the Authentication field to required. Use these fields to make sure users’ computers meet an endpoint security object’s Operating System (OS) and security requirements before granting access. These fields are available for user-configured policies that require authentication.

Enable EPS Checking: Select this to have the ZyWALL check that users’ computers meet the Operating System (OS) and security requirements of one of the policy’s selected endpoint security objects before granting access.

Periodical checking time: Select this and specify a number of minutes to have the ZyWALL repeat the endpoint security check at a regular interval.

Available EPS Object / Selected EPS Object: Configured endpoint security objects appear on the left. Select the endpoint security objects to use for this policy and click the right arrow button to add them to the selected list on the right. Use the [Shift] and/or [Ctrl] key to select multiple objects. Select any endpoint security objects that you want to remove from the selected list and click the left arrow button to remove them.
The ZyWALL checks authenticated users’ computers against the policy’s selected endpoint security objects in the order you list them here. When a user’s computer matches an endpoint security object the ZyWALL grants access and stops checking. Select an endpoint security object and use the up and down arrows to change its position in the list. To make the endpoint security check as efficient as possible, arrange the endpoint security objects in order with the one that the most users should match first and the one that the least users should match last.

OK: Click OK to save your changes back to the ZyWALL.

Cancel: Click Cancel to exit this screen without saving.
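
The Priority field in Table 101 says policies are applied in order of priority. The following Python sketch is an added example, not ZyXEL code or device output: it flags a policy that an earlier, broader policy makes unreachable, such as an "unnecessary" rule placed above a "force" rule. It assumes first-match evaluation, uses CIDR strings in place of address objects and ignores schedules; the Policy class, function names and rule list are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

ANY = "0.0.0.0/0"  # stands in for the "any" address object

@dataclass
class Policy:
    priority: int
    source: str          # CIDR used here in place of an address object
    destination: str
    authentication: str  # "unnecessary", "required" or "force"
    enabled: bool = True

def _net(cidr):
    return ipaddress.ip_network(cidr)

def covers(outer, inner):
    """True when every flow matched by `inner` is also matched by `outer`."""
    return (_net(inner.source).subnet_of(_net(outer.source))
            and _net(inner.destination).subnet_of(_net(outer.destination)))

def first_match(policies, src_ip, dst_ip):
    """Assumed first-match lookup: first enabled policy in priority order."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for p in sorted(policies, key=lambda p: p.priority):
        if p.enabled and src in _net(p.source) and dst in _net(p.destination):
            return p
    return None  # no user-configured policy matched: the default policy applies

def shadowed(policies):
    """Return (earlier, later) priority pairs where `later` can never apply."""
    ordered = sorted((p for p in policies if p.enabled), key=lambda p: p.priority)
    findings = []
    for i, later in enumerate(ordered):
        for earlier in ordered[:i]:
            if covers(earlier, later):
                findings.append((earlier.priority, later.priority))
                break
    return findings

# Constructed rule list: rule 1 exempts the whole LAN, so rule 2 never applies.
RULES = [
    Policy(1, "192.168.1.0/24", ANY, "unnecessary"),
    Policy(2, "192.168.1.128/25", ANY, "force"),
    Policy(3, "10.0.0.0/8", "192.168.1.0/24", "required"),
]

if __name__ == "__main__":
    print(shadowed(RULES))
    print(first_match(RULES, "192.168.1.200", "8.8.8.8").authentication)
```

Moving the narrower "force" rule above the broader "unnecessary" rule clears the finding, because the narrower rule is then evaluated first.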