ZyXEL Communications 3.1 ユーザーズマニュアル

ZyWALL (ZLD) CLI Reference Guide

This chapter introduces and shows you how to configure the ZyWALL to use external authentication 
servers.

You can use an AAA (Authentication, Authorization, Accounting) server to provide access control to 
your network. 

The following lists the types of authentication server the ZyWALL supports. 

• Local  user  database 

The ZyWALL uses the built-in local user database to authenticate administrative users logging 
into the ZyWALL’s web configurator or network access users logging into the network through the 
ZyWALL. You can also use the local user database to authenticate VPN users. 

• Directory Service (LDAP/AD) 

LDAP (Lightweight Directory Access Protocol)/AD (Active Directory) is a directory service that is 
both a directory and a protocol for controlling access to a network. The directory consists of a 
database specialized for fast information retrieval and filtering activities. You create and store 
user profile and login information on the external server. 

• RADIUS

RADIUS (Remote Authentication Dial-In User Service) authentication is a popular protocol used 
to authenticate users by means of an external or built-in RADIUS server. RADIUS authentication 
allows you to validate a large number of users from a central location. 

This section describes the commands for authentication server settings. 

The following table lists the 

ad-server 

commands you use to set the default AD server.    

ad-server Commands

show ad-server

Displays the default AD server settings. 

[no] ad-server basedn basedn

Sets a base distinguished name (DN) for the default AD server. A base DN identifies 
an AD directory. The no command clears this setting.