SonicOS 7.0 Users
- SonicOS 7.0 Users
- About User Management
- Using Local Users and Groups for Authentication
- Using RADIUS for Authentication
- Using LDAP/Active Directory/eDirectory Authentication
- Using RADIUS
- Using TACACS+
- Using Single Sign-On
- What is Single Sign-On?
- Benefits of SonicWall SSO
- Platforms and Supported Standards
- How Does Single Sign-On Work?
- How Does SSO Agent Work?
- How Does Terminal Services Agent Work?
- How Does Browser NTLM Authentication Work?
- How Does RADIUS Accounting for Single-Sign-On Work?
- Installing the Single Sign-On Agent and/or Terminal Services Agent
- Single Sign-On Advanced Features
- Configuring Access Rules
- Managing SonicOS with HTTP Login from a Terminal Server
- Viewing and Managing SSO User Sessions
- Multiple Administrator Support
- Configuring Users Status
- Configuring User Settings
- User Login Settings
- Setting the Authentication Method for Login
- Configuring RADIUS Authentication
- Configuring LDAP
- Configuring TACACS+
- Requiring User Names be Treated as Case-Sensitive
- Preventing Users From Logging in from More than One Location
- Forcing Users to Log In Immediately After Changing Their Passwords
- Displaying User Login Information Since the Last Login
- Setting the Single-Sign-On Methods
- One-Time Password Settings
- Configuring the User Web Login Settings
- Adding URLs to Authentication Bypass
- User Session Settings
- Accounting
- [[[Missing Linked File System.LinkedTitle]]]
- User Login Settings
- Configuring and Managing Partitions
- Configuring Local Users and Groups
- Configuring Guest Services
- Configuring Guest Accounts
- Managing Guest Status
- SonicWall Support
Enabling LDAP Relay
SonicWall can operate as a RADIUS server for remote SonicWalls that do not support LDAP, acting as a gateway between RADIUS and LDAP, and relaying authentication requests from them to the LDAP server.
-
The RADIUS client on the remote SonicWall should be configured to use port 1812 and the shared secret below (See step 7)
-
On remoteSonicWall running SonicOS enhanced firmware, select Use SonicWall vendor-specific attribute on RADIUS server on the RADIUS Users tab.
- Navigate to Device > Users > Settings > Accounting.
- Next to Configure LDAP, click Configure.
The LDAP Configuration page is displayed.
-
Under the LDAP Relay tab do the following:
-
Select Enable RADIUS to LDAP Relay
-
In Allow RADIUS clients to connect via select one of the policy rules to allow incoming RADIUS requests accordingly.
-
Trusted Zones
-
WAN Zone
-
Public Zones
-
VPN Zone
-
-
In the RADIUS shared secret enter a shared secret common to all remote SonicWall.
Additionally, for remote SonicWalls running non-enhanced firmware, with this feature the central SonicWall can return legacy user privilege information to them based on user group memberships learned via LDAP. This avoids what can be very complex configuration of an external RADIUS server such as IAS for those SonicWalls.
-
In User groups for legacy VPN users, enter the user group that corresponds to the legacy Access to VPNs privileges. When a user in this user group is authenticated, the remote SonicWall is notified to give the user the relevant privileges.
-
In User groups for legacy VPN client users, enter the user group that corresponds to the legacy Access from VPN client with XAUTH privileges. When a user in this user group is authenticated, the remote SonicWall is notified to give the user the relevant privileges
-
In User groups for legacy L2TP users, enter the user group that corresponds to the legacy Access from L2TP VPN client privileges. When a user in this user group is authenticated, the remote SonicWall is notified to give the user the relevant privileges.
-
In User groups for legacy users with Internet access, enter the user group that corresponds to the legacy Allow Internet access (when access is restricted) privileges. When a user in this user group is authenticated, the remote SonicWall is notified to give the user the relevant privileges.
-
- Click Apply.
Was This Article Helpful?
Help us to improve our support portal