On the RADIUS Users tab you can specify what types of local or LDAP information to use in combination with RADIUS authentication. You can also define the default user group for RADIUS users.
|
1
|
On the RADIUS Users tab, select Allow only users listed locally if only the users listed in the SonicWall database are authenticated using RADIUS.
|
|
•
|
Select Use SonicWall vendor-specific attribute on RADIUS server to apply a configured vendor-specific attribute from the RADIUS server. The attribute must provide the user group to which the user belongs.
|
|
•
|
Select Use RADIUS Filter-ID attribute on RADIUS server to apply a configured Filter-ID attribute from the RADIUS server. The attribute must provide the user group to which the user belongs.
|
|
•
|
Select Use LDAP to retrieve user group information to obtain the user group from the LDAP server. You can click the Configure button to set up LDAP if you have not already configured it or if you need to make a change. For information about configuring LDAP, see Configuring the SonicWall Appliance for LDAP.
|
|
•
|
If you do not plan to retrieve user group information from RADIUS or LDAP, select Local configuration only.
|
|
•
|
For a shortcut for managing RADIUS user groups, check Memberships can be set locally by duplicating RADIUS user names. When you create users with the same name locally on the security appliance and manage their group memberships, the memberships in the RADIUS database will automatically change to mirror your local changes.
|
|
3
|
If you have previously configured User Groups on the SonicWall, select the group from the Default user group to which all RADIUS users belong drop-down menu.
|
In the RADIUS User Settings screen, you can create a new group by choosing Create a new user group... from the Default user group to which all RADIUS users belong drop-down menu:
|
1
|
|
2
|
In the Settings tab, enter a name for the group. You may enter a descriptive comment as well.
|
|
3
|
In the Members tab, select the members of the group. Select the users or groups you want to add in the left column and click the right arrow button.
|
|
4
|
Click Add All to add all users and groups.
|
|
NOTE: You can add any group as a member of another group except Everybody and All RADIUS Users. Be aware of the membership of the groups you add as members of another group.
|
|
5
|
In the VPN Access tab, select the network resources to which this group will have VPN Access by default.
|
|
6
|
If you have Content Filtering Service (CFS) on your security appliance, you can configure the content filtering policy for this group on the CFS Policy tab. See Security Services > Content Filter for instructions on registering for and managing the SonicWall Content Filtering Service.
|
