SonicOS 7.0 Users

Automatically Generated Rules for SonicWall SSO

When a SonicWall SSO agent or TSA is configured in the SonicOS Management Interface, an access rule and corresponding NAT policy are created to allow the replies from the agent into the LAN. These rules use either a SonicWall SSO Agents or SonicWall Terminal Services Agents address group object, which has a member address object for each configured agent. The member address objects are automatically added to and deleted from the group object as agents are added or deleted. The member address objects are also updated automatically as an agent’s IP address changes, including when an IP address is resolved through DNS (where an agent is given by DNS name).

If SonicWall SSO agents or TSAs are configured in different zones, the access rule and NAT policy are added to each applicable zone. The same SonicWall SSO Agents or SonicWall Terminal Services Agents address group is used in each zone.

Do not enable Guest Services in the same zone where SonicWall SSO is being used. Enabling Guest Services disables SSO in that zone, causing users who have authenticated through SSO to lose access. Create a separate zone for Guest Services.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

  • Hidden
  • Hidden

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.
  • Hidden
  • Hidden