Filter
Top Products
Chapter 26 User/Group
ZyWALL (ZLD) CLI Reference Guide
233
26.2.4 Force User Authentication Commands
This table lists the commands for forcing user authentication.
Table 136 username/groupname Commands Summary: Forcing User Authentication
COMMAND DESCRIPTION
[no] force-auth activate Enables force user authentication that force users to log in to the ZyWALL
before the ZyWALL routes traffic for them. The no command means the
user authentication is not required.
force-auth default-rule authentication
{required | unnecessary} {no log | log
[alert]}
Sets the default authentication policy that the ZyWALL uses on traffic that
does not match any exceptional service or other authentication policy.
required: Users need to be authenticated. They must manually go to the
ZyWALL’s login screen. The ZyWALL will not redirect them to the login
screen.
unnecessary: Users do not need to be authenticated.
no log | log [alert]: Select whether to have the ZyWALL generate a log
(log), log and alert (log alert) or not (no log) for packets that match
this default policy.
force-auth [no] exceptional-service
service_name
Sets a service which you want users to be able to access without user
authentication. The
no command removes the specified service from the
exceptional list.
force-auth policy <1..1024> Creates the specified condition for forcing user authentication, if necessary,
and enters sub-command mode. The conditions are checked in sequence,
starting at 1. See Table 137 on page 234 for the sub-commands.
force-auth policy append Creates a new condition for forcing user authentication at the end of the
current list and enters sub-command mode. See Table 137 on page 234 for
the sub-commands.
force-auth policy insert <1..1024> Creates a new condition for forcing user authentication at the specified
location, renumbers the other conditions accordingly, and enters sub-
command mode. See Table 137 on page 234 for the sub-commands.
force-auth policy delete <1..1024> Deletes the specified condition.
To modify a condition, you can insert a new condition (N) and then delete
the one (N+1) that you want to modify.
force-auth policy flush Deletes every condition.
force-auth policy move <1..1024> to
<1..1024>
Moves the specified condition to the specified location and renumbers the
other conditions accordingly.
show force-auth activation Displays whether forcing user authentication is enabled or not.
show force-auth exceptional-service Displays services that users can access without user authentication.
show force-auth policy {<1..1024> |
all}
Displays details about the policies for forcing user authentication.