How to configure IAS RADIUS Authentication

Gen 5 - IAS RADIUS Authentication

The following tech note will explain the basic steps needed to get Microsoft IAS RADIUS working with a SonicWall Gen 4 or 5 firewall. In this example, RADIUS will be used to authenticate ‘SonicWall Read-Only Admins’. A different existing or custom group could also be used depending on the desired RADIUS authentication goal.

1. Launch Internet Authentication Service from Administrative Tools. 
           
2. Enter a Friendly Name and IP address for the SonicWall, and then click ‘Next’.
           
3. Right-click Remote Access Policies and select New Remote Access Policy, which will launch the Policy Wizard.
4. Choose Set up a custom policy and choose a Policy name.
           
5. Choose a group and add the users that will use RADIUS authentication. 
        
6. Highlight Remote Access Policies, right-click the policy, and select Properties. Select Edit Profile then the Authentication Tab. Select Unencrypted authentication (PAP, SPAP). Note: This choice is actually considered Standard Authentication using PAP, which is encrypted i.e. all communication is secured. 
         
7. Select ‘Use SonicWall vendor-specific attribute on RADIUS users’ or ‘Use RADIUS Filter-Id attribute on RADIUS server’ under ‘Mechanism for setting user group memberships for RADIUS users’.  Also, choose the ‘Default user group to which RADIUS users belong’.    
8. Test the RADIUS Authentication by attempting to log into the SonicWall to gain Read-Only access.