ZyXEL Communications 91-009-073003B ユーザーズマニュアル
Chapter 7 Tutorials
ZyWALL USG 50 User’s Guide
122
7.5 How to Configure User-aware Access Control
You can configure many policies and security settings for specific users or groups
of users. This is illustrated in the following example, where you will set up the
following policies. This is a simple example that does not include priorities for
different types of traffic. See
of users. This is illustrated in the following example, where you will set up the
following policies. This is a simple example that does not include priorities for
different types of traffic. See
for more on
bandwidth management.
The users are authenticated by an external RADIUS server at 192.168.1.200.
First, set up the user accounts and user groups in the ZyWALL. Then, set up user
authentication using the RADIUS server. Finally, set up the policies in the table
above.
authentication using the RADIUS server. Finally, set up the policies in the table
above.
The ZyWALL has its default settings.
7.5.1 Set Up User Accounts
Set up one user account for each user account in the RADIUS server. If it is
possible to export user names from the RADIUS server to a text file, then you
might create a script to create the user accounts instead. This example uses the
Web Configurator.
possible to export user names from the RADIUS server to a text file, then you
might create a script to create the user accounts instead. This example uses the
Web Configurator.
1
Click Configuration > Object > User/Group > User. Click the Add icon.
Table 18 User-aware Access Control Example
GROUP (USER)
WEB
SURFING
SURFING
WEB
BANDWIDTH
BANDWIDTH
MSN
LAN1-TO-
DMZ ACCESS
DMZ ACCESS
Finance (Leo)
Yes
200K
No
Yes
Engineer (Steven) Yes
100K
No
No
Sales (Debbie)
Yes
100K
Yes (M-F, 08:30~18:00)
Yes
Boss (Andy)
Yes
100K
Yes
Yes
Guest (guest)
Yes
50K
No
No
Others
No
---
No
No