ZyXEL Communications 100 Series User Manual

 Chapter 39 AAA Server
ZyWALL USG 100/200 Series User’s Guide
RADIUS (Remote Authentication Dial-In User Service) authentication is a popular 
protocol used to authenticate users by means of an external or built-in RADIUS server. 
RADIUS authentication allows you to validate a large number of users from a central 
location. 
Finding Out More
See 
 for an example of how to set up user authentication using a 
RADIUS server.
39.2  Active Directory or LDAP Default Server Screen
Directory Structure
The directory entries are arranged in a hierarchical order much like a tree structure. Normally, 
the directory structure reflects the geographical or organizational boundaries. The following 
figure shows a basic directory structure branching from countries to organizations to 
organizational units to individuals. 
Figure 463   Basic Directory Structure 
Distinguished Name (DN) 
A DN uniquely identifies an entry in a directory. A DN consists of attribute-value pairs 
separated by commas. The leftmost attribute is the Relative Distinguished Name (RDN). This 
provides a unique name for entries that have the same “parent DN” (“cn=domain1.com, ou=Sales, o=MyCompany” in the following examples). 
cn=domain1.com, ou = Sales, o=MyCompany, c=US
cn=domain1.com, ou = Sales, o=MyCompany, c=JP
Base DN 
A base DN specifies a directory. A base DN usually contains information such as the name of 
an organization, a domain name and/or country. For example, o=MyCompany, c=UK where o means organization and c means country. 
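The DN, RDN and base DN terms above, as an added example that is not part of the ZyXEL guide: a small Python parser that splits a DN into its RDN and parent, and checks whether an entry falls under a given base DN. The function names are hypothetical, values are compared case-insensitively (an assumption that holds for common naming attributes such as cn, ou, o and c), and multi-valued RDNs and escaped leading or trailing spaces are not handled.

```python
# Added example, not from the guide. Function names are hypothetical.

def split_dn(dn):
    """Split a DN into (attribute, value) pairs, leftmost (the RDN) first.

    A backslash-escaped comma inside a value is not treated as a separator,
    and spaces around "=" and "," (as in "ou = Sales") are ignored.
    """
    parts, buf, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            buf.append(dn[i:i + 2])      # keep the escape pair intact
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(buf))   # unescaped comma ends one pair
            buf = []
        else:
            buf.append(dn[i])
        i += 1
    parts.append("".join(buf))
    pairs = []
    for part in parts:
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip():
            raise ValueError(f"malformed attribute-value pair: {part!r}")
        pairs.append((attr.strip().lower(), value.strip()))
    return pairs

def rdn_and_parent(dn):
    """Return (RDN pair, list of pairs forming the rest of the DN)."""
    pairs = split_dn(dn)
    return pairs[0], pairs[1:]

def is_under_base(dn, base_dn):
    """True if dn equals base_dn or sits beneath it in the directory tree."""
    entry = [(a, v.lower()) for a, v in split_dn(dn)]
    base = [(a, v.lower()) for a, v in split_dn(base_dn)]
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

# The two example DNs from the text above.
US = "cn=domain1.com, ou = Sales, o=MyCompany, c=US"
JP = "cn=domain1.com, ou = Sales, o=MyCompany, c=JP"

if __name__ == "__main__":
    print(rdn_and_parent(US))
    print(is_under_base(US, "o=MyCompany, c=US"))   # entry is inside this base
    print(is_under_base(JP, "o=MyCompany, c=US"))   # same RDN, different country
```

An entry whose DN does not end with the configured base DN is outside the subtree that base DN names, even when its RDN matches.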
[Figure 463 labels, by level: Root; Countries (c): US, Japan; Organizations (o): Sprint, UPS, NEC; Organization Units (ou): Sales, RD3, QA, CSO, Sales, RD; Unique Common Name (cn).]