ZyXEL Communications Security Camera 3.1 ユーザーズマニュアル
Chapter 26 User/Group
ZyWALL (ZLD) CLI Reference Guide
233
26.2.4 Force User Authentication Commands
This table lists the commands for forcing user authentication.
Table 136
username/groupname Commands Summary: Forcing User Authentication
COMMAND
DESCRIPTION
[no] force-auth activate
Enables force user authentication that force users to log in to the ZyWALL
before the ZyWALL routes traffic for them. The no command means the
user authentication is not required.
before the ZyWALL routes traffic for them. The no command means the
user authentication is not required.
force-auth default-rule authentication
{required | unnecessary} {no log | log
[alert]}
Sets the default authentication policy that the ZyWALL uses on traffic that
does not match any exceptional service or other authentication policy.
does not match any exceptional service or other authentication policy.
required
: Users need to be authenticated. They must manually go to the
ZyWALL’s login screen. The ZyWALL will not redirect them to the login
screen.
screen.
unnecessary
: Users do not need to be authenticated.
no log | log [alert]
: Select whether to have the ZyWALL generate a log
(log), log and alert (log alert) or not (no log) for packets that match
this default policy.
this default policy.
force-auth [no] exceptional-service
service_name
Sets a service which you want users to be able to access without user
authentication. The
authentication. The
no
command removes the specified service from the
exceptional list.
force-auth policy <1..1024>
Creates the specified condition for forcing user authentication, if necessary,
and enters sub-command mode. The conditions are checked in sequence,
starting at 1. See
and enters sub-command mode. The conditions are checked in sequence,
starting at 1. See
force-auth policy append
Creates a new condition for forcing user authentication at the end of the
current list and enters sub-command mode. See
current list and enters sub-command mode. See
for
the sub-commands.
force-auth policy insert <1..1024>
Creates a new condition for forcing user authentication at the specified
location, renumbers the other conditions accordingly, and enters sub-
command mode. See
location, renumbers the other conditions accordingly, and enters sub-
command mode. See
for the sub-commands.
force-auth policy delete <1..1024>
Deletes the specified condition.
To modify a condition, you can insert a new condition (N) and then delete
the one (N+1) that you want to modify.
the one (N+1) that you want to modify.
force-auth policy flush
Deletes every condition.
force-auth policy move <1..1024> to
<1..1024>
Moves the specified condition to the specified location and renumbers the
other conditions accordingly.
other conditions accordingly.
show force-auth activation
Displays whether forcing user authentication is enabled or not.
show force-auth exceptional-service
Displays services that users can access without user authentication.
show force-auth policy {<1..1024> |
all}
Displays details about the policies for forcing user authentication.