Article Applies To:
SonicWALL Security Appliance Platforms:
Gen5: NSA E7500, NSA E6500, NSA E5500, NSA 5000, NSA 4500, NSA 3500, NSA 2400, NSA 240
Gen5 TZ Series: TZ 100, TZ 100 Wireless, TZ 200, TZ 200 W, TZ 210, TZ 210 Wireless,
Gen4: PRO series: PRO 5060, PRO 4100, PRO 4060,PRO 3060, PRO 2040, PRO 1260
Gen4: TZ series: TZ 190, TZ 190 W, TZ 180, TZ 180 W, TZ 170, TZ 170 W, TZ 170 SP, TZ 170 SP Wireless.
Firmware/Software Version: All SonicOS Enhanced Firmware versions.
Services: Local user
The SonicWALL security appliance provides a local database for storing user and group information. You can configure the SonicWALL to use this local database to authenticate users and control their access to the network. The local database is a good choice if the number of users accessing the network is relatively small.
For networks with larger numbers of users, user authentication using LDAP or RADIUS servers can be more efficient.
Local Users are users stored and managed on the security appliance’s local database. In the Users > Local Users page, you can view and manage all local users, add new local users, and edit existing local users.
Step 1: Click Add User. The Add User configuration window displays.
Step 2: On the Settings tab, type the user name into the Name field.
Step 3: In the Password field, type a password for the user.
Note: Passwords are case-sensitive and should consist of a combination of letters and numbers rather than names of family, friends, or pets.
Step 4: Confirm the password by retyping it in the Confirm Password field.
Step 5: Optionally, select the User must change password checkbox to force users to change their passwords the first time they login. Select the Require one-time passwords checkbox to enable this functionality requiring SSL VPN users to submit a system-generated password for two-factor authentication.
Tip: If a Local User does not have one-time password enabled, while a group it belongs to does, make sure the user’s email address is configured, otherwise this user cannot login.
Step 6: Enter the user’s email address so they may receive one-time passwords.
Step 7: Optionally enter a comment in the Comment field.
Step 8: On the Groups tab, under User Groups, select one or more groups to which the user will belong, and click the arrow button -> to move the group name(s) into the Member of list. The user will be a member of the selected groups. To remove the user from a group, select the group from the Member of list, and click the left arrow button <-.
Step 9: On the VPN Access tab, to allow users to access networks using a VPN tunnel, select one or more networks from the Networks list and click the arrow button -> to move them to the Access List. To remove the user’s access to a network, select the network from the Access List, and click the left arrow button <-.
Step 10: On the Bookmark tab, administrators can add, edit, or delete Virtual Office bookmarks for each user who is a member of a related group. For information on configuring SSL VPN bookmarks, see
Note: Users must be members of the SSLVPN Services group before you can configure Bookmarks for them.
Step 11: Click OK to complete the user configuration.