next to a user to view the group memberships for that user.Local Users are users stored and managed on the security appliance’s local database. In the Users > Local Users page, you can view and manage all local users, add new local users, and edit existing local users.
See the following sections for configuration instructions:
You can view all the groups to which a user belongs on the
Users > Local Users
page. Click on the expand icon next to a user to view the group memberships for that user.
The three columns to the right of the user’s name list the privileges that the user has. In the expanded view, it displays which group the user gets each privilege from.
|
•
|
Hover the mouse pointer over the comment icon
 in the VPN Access column to view the
network resources to which the user has VPN access. |
You can add local users to the internal database on the SonicWALL security appliance from the Users > Local Users page. To add local users to the database:
|
Step 1
|
|
Step 2
|
|
Step 3
|
In the
Password
field, type a password for the user. Passwords are case-sensitive and should consist of a combination of letters and numbers rather than names of family, friends, or pets.
|
|
Step 4
|
Confirm the password by retyping it in the
Confirm Password
field.
|
|
Step 5
|
Optionally, select the
User must change password
checkbox to force users to change their passwords the first time they login. Select the Require one-time passwords
checkbox to enable this functionality requiring SSL VPN users to submit a system-generated password for two-factor authentication.
|
|
Tip
|
If a Local User does not have one-time password enabled, while a group it belongs to does,
make sure the user’s email address is configured, otherwise this user cannot login.
|
|
Step 7
|
Optionally enter a comment in the
Comment
field.
|
|
Step 8
|
On the
Groups
tab, under User Groups
, select one or more groups to which the user will belong, and click the arrow button -> to move the group name(s) into the Member of
list. The user will be a member of the selected groups. To remove the user from a group, select the group from the Member of
list, and click the left arrow button <-.
|
|
Step 9
|
The
VPN Access
tab configures which network resources VPN users (either GVC, NetExtender, or Virtual Office bookmarks) can access. On the VPN Access
tab, select one or more networks from the Networks
list and click the right arrow button (->
) to move them to the Access List
column. To remove the user’s access to a network, select the network from the Access List
, and click the left arrow button (<-
).
|
|
Note
|
The
VPN access
tab affects the ability of remote clients using GVC, NetExtender, and Virtual Office bookmarks to access network resources. To allow GVC, NetExtender, or Virtual Office users to access a network resource, the network address objects or groups must be added to the “allow” list on the VPN Access
tab.
|
|
Step 10
|
On the
Bookmark
tab, administrators can add, edit, or delete Virtual Office bookmarks for each user who is a member of a related group. For information on configuring SSL VPN bookmarks, see “Configuring SSL VPN Bookmarks”
.
|
|
Note
|
Users must be members of the SSLVPN Services group before you can configure
Bookmarks for them.
|
|
Step 11
|
Click
OK
to complete the user configuration.
|
You can edit local users from the Users > Local Users screen. To edit a local user:
|
Step 1
|
|
Step 2
|
Configure the
Settings
, Groups
, VPN Access,
and Bookmark
tabs exactly as when adding a new user. See “Adding Local Users”
.
|
under Configure to remove the user from 
under Configure to edit the user.
under Configure to delete the user or group in that row.