Article Applies To:

SonicWALL Security Appliance Platforms:

Gen5: NSA E8500, NSA E7500, NSA E6500, NSA E5500, NSA 5000, NSA 4500, NSA 3500, NSA 2400, NSA 2400MX, NSA 240
Gen5 TZ Series: TZ 100, TZ 100 Wireless, TZ 200, TZ 200 W, TZ 210, TZ 210 Wireless,

Firmware/Software Version: SoicOS Enhanced 5.2 and above
Services: SSL-VPN, LDAP


This article outlines all necessary steps to configure LDAP authentication for SSL-VPN users.


SSL-VPN Settings

  • Login to the SonicWALL Mangement GUI
  • Navigate to the SSL-VPN > Server Settings page.
  • Click on WAN to enable SSL-VPN on the WAN zone.


  • Navigate to the SSL VPN > Client Settings page and enter the following information:

  • Navigate to the Client Routes page and enter the following information:

LDAP Settings

  • Navigate to the Users > Settings page.
  • Select LDAP (or LDAP + Local Users) as authentication method and click on Configure.
  • Enter the following information to configure LDAP authentication:

  • In the following screenshot, a group called SSL-VPN Users is being imported. This or a similar group needs to have been created in the AD before performing this action.

User Settings

  • Navigate to the Users > Local Groups page.
  • Click on configure on the newly imported SSL-VPN Users group.
  • Under VPN Access tab select LAN Subnets or any other subnets that you wish to allow for this user group.
  • Click on OK to save the settings.

  • To make SSL-VPN Users group a member of the SSLVPN Services group, click on Configure on SSLVPN Services and add SSL-VPN Users group as a member.
  • Click on OK.

As per the above configuration, only members of the group SSL-VPN Users will be able to connect to SSL-VPN.