![background image](/i/zyxel/144611/zyxel-zywall-usg-1000/h/zyxel-zywall-usg-1000-093.png)
Chapter 4 Create Secure Connections Across the Internet
ZyWALL USG 20-2000 User’s Guide
93
1
Install the SafeWord 2008 authentication server software on a computer.
2
Create user accounts on the ZyWALL and in the SafeWord 2008 authentication server.
3
Import each ZyWALL OTPv2 token’s database file (located on the included CD) into the server.
4
Assign users to ZyWALL OTPv2 tokens on the server.
5
Configure the SafeWord 2008 authentication server as a RADIUS server in the ZyWALL’s
Configuration > Object > AAA Server
screens.
6
Configure the appropriate authentication method object to use the SafeWord 2008 authentication
server RADIUS server object.
7
Configure Auth. Policy and VPN to use the authentication method object.
8
Give the ZyWALL OTPv2 tokens to the assigned users.
9
A user presses his ZyWALL OTPv2 token’s button to generate a password to enter in the
Login
screens’
One-Time Password
field.
4.7.1 What Can Go Wrong
• Users cannot log in if they try to re-use a password that they have already used to log in. Users
must generate a new password for each login.
• Authentication fails if the SafeWord 2008 authentication server goes down, loses its network
connection, or is too busy. Users can try again a little later.