Chapter 23 User & Authentication
USG FLEX H Series User’s Guide
346
The following table describes the labels in this screen.
Table 172 User & Authentication > AAA Server > RADIUS Server Summary > Add
LABEL DESCRIPTION
Name Enter a descriptive name for identification purposes. Use up to 30 single-byte characters,
including 0-9a-zA-Z_-.
Description Enter the description of each server, if any. Use up to 61 single-byte characters, including 0-9a-
zA-Z'()+,/:=?;!*#@$_%-".
Server Address Enter the IPv4 address or FQDN of the RADIUS server.
Authentication
Port
Specify the port number on the RADIUS server to which the Zyxel Device sends authentication
requests. Enter a number between 1 and 65535.
Backup Server
Address
If the RADIUS server has a backup server, enter its address here.
Backup
Authentication
Port
Specify the port number on the RADIUS server to which the Zyxel Device sends authentication
requests. Enter a number between 1 and 65535.
Key Enter a password (up to 63 single-byte characters, including 0-9a-zA-Z_(){}<>^`+/
:!*#@&=$\?.~%,|;-) as the key to be shared between the external authentication server and
the Zyxel Device. Your password will be encrypted when you configure this field.
The key is not sent over the network. This key must be the same on the external authentication
server and the Zyxel Device.
Change of
Authorization
The external RADIUS server can change its authentication policy and send CoA (Change of
Authorization) or RADIUS Disconnect messages in order to terminate the subscriber’s service.
Select this option to allow the Zyxel Device to disconnect wireless clients based on the
information (such as client’s user name and MAC address) specified in CoA or RADIUS
Disconnect messages sent by the RADIUS server.
Server Address Enter the IPv4 address or Fully-Qualified Domain Name (FQDN) of the RADIUS accounting
server.
Accounting Port Specify the port number on the RADIUS server to which the Zyxel Device sends accounting
information. Enter a number between 1 and 65535.
Backup Server
Address
If the RADIUS server has a backup accounting server, enter its address here.
Backup
Accounting Port
Specify the port number on the RADIUS server to which the Zyxel Device sends accounting
information. Enter a number between 1 and 65535.
Key Enter a password (up to 15 alphanumeric characters) as the key to be shared between the
external authentication server and the Zyxel Device.
The key is not sent over the network. This key must be the same on the external authentication
server and the Zyxel Device.
Timeout Specify the timeout period (between 1 and 300 seconds) before the Zyxel Device disconnects
from the RADIUS server. In this case, user authentication fails.
Search timeout occurs when either the user information is not in the RADIUS server or the
RADIUS server is down.
NAS IP Address Type the IP address of the NAS (Network Access Server).
NAS Identifier If the RADIUS server requires the Zyxel Device to provide the Network Access Server identifier
attribute with a specific value, enter it here.
Case-sensitive
User Names
Select this if you want configure your username as case-sensitive.
Group
Membership
Attribute
A RADIUS server defines attributes for its accounts. Select the name and number of the
attribute that the Zyxel Device is to check to determine to which group a user belongs. If it does
not display, select user-defined and specify the attribute’s number.
This attribute’s value is called a group identifier; it determines to which group a user belongs.
To Next Page
Loading...
