Article Applies To:
SonicWALL Security Appliance Platforms:
Gen5: NSA E8500, NSA E7500, NSA E6500, NSA E5500, NSA 5000, NSA 4500, NSA 3500, NSA 2400, NSA 2400MX, NSA 240
Gen5 TZ Series: TZ 100, TZ 100 Wireless, TZ 200, TZ 200 W, TZ 210, TZ 210 Wireless
Firmware/Software Version: SonicOS Enhanced 5.2 and above
Services: SSL-VPN, LDAP
This article outlines all necessary steps to configure LDAP authentication for SSL-VPN users.
- Log in to the SonicWALL Management GUI.
- Navigate to the SSL-VPN > Server Settings page.
- Click on WAN to enable SSL-VPN on the WAN zone.
- Navigate to the SSL VPN > Client Settings page and enter the following information:
- Navigate to the Client Routes page and enter the following information:
- Navigate to the Users > Settings page.
- Select LDAP (or LDAP + Local Users) as authentication method and click on Configure.
- Enter the following information to configure LDAP authentication:
- In the following screenshot, a group called SSL-VPN Users is being imported. This or a similar group needs to have been created in the AD before performing this action.
- Navigate to the Users > Local Groups page.
- Click on Configure on the newly imported SSL-VPN Users group.
- Under the VPN Access tab, select LAN Subnets or any other subnets that you wish to allow for this user group.
- Click on OK to save the settings.
- To make the SSL-VPN Users group a member of the SSLVPN Services group, click on Configure on SSLVPN Services and add the SSL-VPN Users group as a member.
- Click on OK.
As per the above configuration, only members of the group SSL-VPN Users will be able to connect to SSL-VPN.
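Because access is decided by membership of the AD group, it is worth reviewing that group before importing it. The following is an added example, not part of the original article or of SonicWALL's software: it parses an LDIF export of the directory, confirms the group exists, lists its direct members, and flags members that are themselves groups so they can be reviewed separately. The LDIF sample, DNs and user names are constructed; only the group name SSL-VPN Users comes from the article.

```python
import base64

# Constructed sample LDIF (the shape of an AD export); all DNs and names are made up.
_B64 = base64.b64encode("CN=J\u00fcrgen M\u00fcller,OU=Staff,DC=example,DC=local".encode()).decode()
SAMPLE_LDIF = (
    "dn: CN=SSL-VPN Users,OU=Groups,DC=example,DC=local\n"
    "objectClass: group\n"
    "cn: SSL-VPN Users\n"
    "member: CN=Alice Admin,OU=Staff,DC=example,DC=local\n"
    "member: CN=Remote Contractors,OU=Groups,DC=example,DC=local\n"
    f"member:: {_B64}\n\n"
    "dn: CN=Remote Contractors,OU=Groups,DC=example,DC=local\n"
    "objectClass: group\n"
    "cn: Remote Contractors\n"
    "member: CN=Bob Builder,OU=Contractors,DC=example,DC=\n local\n"
)

def parse_ldif(text):
    """Return a list of entries, each mapping lower-cased attribute -> list of values."""
    unfolded = []
    for line in text.splitlines():
        if line.startswith(" ") and unfolded:
            unfolded[-1] += line[1:]          # folded continuation line (RFC 2849)
        else:
            unfolded.append(line)
    entries, cur = [], {}
    for line in unfolded + [""]:              # trailing "" flushes the last entry
        if not line.strip():
            if cur:
                entries.append(cur)
            cur = {}
        elif not line.startswith("#"):
            attr, _, rest = line.partition(":")
            if rest.startswith(":"):          # "attr:: value" means base64-encoded
                value = base64.b64decode(rest[1:].strip()).decode("utf-8")
            else:
                value = rest.strip()
            cur.setdefault(attr.lower(), []).append(value)
    return entries

def review_group(entries, group_cn):
    """Return (direct_members, members_that_are_groups), or None if the group is absent."""
    def is_group(e):
        return "group" in [o.lower() for o in e.get("objectclass", [])]
    by_dn = {e["dn"][0].lower(): e for e in entries if "dn" in e}
    group = next((e for e in entries if is_group(e)
                  and group_cn.lower() in [c.lower() for c in e.get("cn", [])]), None)
    if group is None:
        return None
    members = group.get("member", [])
    return members, [m for m in members if is_group(by_dn.get(m.lower(), {}))]
```

A `None` result means the group is not in the export and should be created in AD before the import step; any DN in the second list is a nested group whose own members need a separate look.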