Chapter 29 Object
USG20(W)-VPN Series User’s Guide
460
The following table describes the labels in this screen.
Table 180
Configuration > Object > User/Group > User > Add
LABEL
DESCRIPTION
User Name
Type the user name for this user account. You may use 1-31 alphanumeric characters,
underscores(
_
), or dashes (-), but the first character cannot be a number. This value is
case-sensitive. User names have to be different than user group names, and some
words are reserved. See
.
User Type
This field displays the types of user accounts the USG uses:
•
admin
- this user can look at and change the configuration of the USG
•
limited-admin
- this user can look at the configuration of the USG but not to
change it
•
user
- this user has access to the USG’s services and can also browse user-mode
commands (CLI).
•
guest
- this user has access to the
USG
’s services but cannot look at the
configuration.
•
ext-user
- this user account is maintained in a remote server, such as RADIUS or
for more information about this type.
•
ext-group-user
- this user account is maintained in a remote server, such as
RADIUS or LDAP. See
Ext-Group-User Accounts on page 457
for more information
about this type.
Password
This field is not available if you select the
ext-user
or
ext-group-user
type.
Enter the password of this user account. It can consist of 4 - 31 alphanumeric
characters.
Retype
This field is not available if you select the
ext-user
or
ext-group-user
type.
Group Identifier
This field is available for a
ext-group-user
type user account.
Specify the value of the AD or LDAP server’s
Group Membership Attribute
that
identifies the group to which this user belongs.
Associated AAA
Server Object
This field is available for a
ext-group-user
type user account. Select the AAA server to
use to authenticate this account’s users.
Description
Enter the description of each user, if any. You can use up to 60 printable ASCII
characters. Default descriptions are provided.
Authentication
Timeout Settings
If you want the system to use default settings, select
Use Default Settings
. If you
want to set authentication timeout to a value other than the default settings, select
Use
Manual Settings
then fill your preferred values in the fields that follow.
Lease Time
If you select
Use Default Settings
in the
Authentication Timeout Settings
field, the
default lease time is shown.
If you select
Use Manual Settings
, you need to
enter the number of minutes this user
has to renew the current session before the user is logged out. You can specify 1 to
1440 minutes. You can enter 0 to make the number of minutes unlimited. Admin users
renew the session every time the main screen refreshes in the Web Configurator. Access
users can renew the session by clicking the
Renew
button on their screen. If you allow
access users to renew time automatically (see
), the users
can select this check box on their screen as well. In this case, the session is
automatically renewed before the lease time expires.
Reauthentication
Time
If you select
Use Default Settings
in the
Authentication Timeout Settings
field, the
default lease time is shown.
If you select
Use Manual Settings
, you need to type the number of minutes this user
can be logged into the USG in one session before the user has to log in again. You can
specify 1 to 1440 minutes. You can enter 0 to make the number of minutes unlimited.
Unlike
Lease Time
, the user has no opportunity to renew the session without logging
out.
Configuration
Validation
Use a user account from the group specified above to test if the configuration is correct.
Enter the account’s user name in the
User Name
field and click
Test
.
Summary of Contents for ZyWall USG20-VPN
Page 17: ...17 PART I User s Guide ...
Page 18: ...18 ...
Page 99: ...99 PART II Technical Reference ...
Page 100: ...100 ...