|
1
|
Navigate to the User > Settings page.
|
|
2
|
Select one of the following authentication methods from the Authentication method for login pull-down list:
|
|
•
|
Local Users—To configure users in the local database using the Users > Local Users and Users > Local Groups pages. For information on configuring local users and groups, refer to Configuring Local Users and Configuring Local Groups .
|
|
•
|
RADIUS—If you have more than 1,000 users or want to add an extra layer of security for authenticating the user to the SonicWALL. If you select Use RADIUS for user authentication, users must log into the SonicWALL using HTTPS in order to encrypt the password sent to the SonicWALL. If a user attempts to log into the SonicWALL using HTTP, the browser is automatically redirected to HTTPS. For information on configuring RADIUS, refer to Configuring RADIUS for SonicOS Enhanced .
|
|
•
|
RADIUS + Local Users—If you want to use both RADIUS and the SonicWALL local user database for authentication. For information on configuring RADIUS, refer to Configuring RADIUS for SonicOS Enhanced .
|
|
•
|
LDAP—If you use a Lightweight Directory Access Protocol (LDAP) server or Microsoft Active Directory (AD) server to maintain all your user account data. For information about configuring LDAP, refer to Configuring LDAP and Active Directory .
|
|
•
|
LDAP + Local Users—If you want to use both LDAP and the SonicWALL local user database for authentication. For information about configuring LDAP, refer to Configuring LDAP and Active Directory .
|
|
3
|
The Single-sign-on method (s) field displays the status of the available method(s). You can enable/disable methods, or click the configure button to configure a single-sign-on method. The following methods are available:
|
|
•
|
SSO Agent — Configure the SSO Agent if you are using Active Directory for authentication and the Dell SonicWALL SSO Agent is installed on a computer in the same domain.
|
|
•
|
Terminal Services Agent — Configure the SSO Agent if you are using Terminal Services and the Dell SonicWALL Terminal Services Agent (TSA) is installed on a terminal server in the same domain.
|
|
•
|
Browser NTLM Authentication — Configure Browser NTLM Authentication if you want to authenticate Web users without using the Dell SonicWALL SSO Agent or TSA. Users are identified as soon as they send HTTP traffic. NTLM requires RADIUS to be configured (in addition to LDAP, if using LDAP), for access to MSCHAP authentication.
|
|
•
|
RADIUS Accounting — Configure RADIUS Accounting if you want a network access server (NAS) to send user login session accounting messages to an accounting server.
|
|
4
|
To require that user names are treated as case-sensitive, select Case-sensitive user names.
|
|
5
|
To prevent a user from logging in from more than one location at a time, select Enforce login uniqueness.
|
|
6
|
Enter the number of minutes that the login authentication page is displayed in the Show authentication page for field.
|
|
7
|
Select Redirect users from HTTPS to HTTP on completion of login if the session does not need to be encrypted.
|
|
8
|
If using RADIUS authentication (and if the RADIUS server supports it) a CHAP challenge can be used to authenticate users during web login, click Allow HTTP login with RADIUS CHAP mode to enable this. This option is only available when the Authentication method for login is RADIUS or RADIUS+Local Users.
|
|
9
|
Select Force relogin after password change to force the user to login immediately after changing the password.
|
|
•
|
|
•
|
|
3
|
|
1
|
Enter the number of minutes that the login authentication page is displayed in the Show authentication page for field.
|
|
3
|
Select Redirect users from HTTPS to HTTP on completion of login if the session does not need to be encrypted.
|
|
4
|
If using RADIUS authentication (and if the RADIUS server supports it) a CHAP challenge can be used to authenticate users during web login, click Allow HTTP login with RADIUS CHAP mode to enable this. This option is only available when the Authentication method for login is RADIUS or RADIUS+Local Users.
|
The settings listed below apply to all users when authenticated through the SonicWALL. To configure user session settings, expand the Users tab and click on the Settings tab.
The following options are configured in the User Session Settings section:
|
•
|
Inactivity timeout (minutes): you are logged out of the SonicWALL after a preconfigured length of inactivity time. Enter the number of minutes in this field. The default value is five minutes.
|
|
•
|
Enable login session limit: you can limit the time a user is logged into the SonicWALL by selecting the check box and typing the amount of time, in minutes, in the Login session limit (minutes) field. The default value is 30 minutes.
|
|
•
|
Login session limit (minutes): defines how much time you have to log in before the login page times out. If it times out, a message displays saying you must click before attempting to log in again.
|
|
•
|
Show user login status window with logout: causes a status window to display with a Log Out button during the user’s session. Click Log Out to log out of your session.
|
|
•
|
User's login status window refreshes every (minutes): determines how often your status display is updated.
|
|
•
|
User's login status window sends status heartbeat every (seconds): determines how often a heartbeat is sent back to the SonicWALL. This heartbeat notifies the SonicWALL of your connection status and continues to be sent as long at the status window is open.
|
|
•
|
Enable disconnected user detection: causes the SonicWALL to detect when your connection is no longer valid and ends the session.
|
|
•
|
Timeout on heartbeat from user's login status window (minutes): sets the time needed without a reply from the heartbeat before ending your session.
|
|
•
|
Open user’s login status window in the same window rather than in a popup: enable this option if you do not want the login status window to open as a pop-up window.
|
|
•
|
LDAP read from server options: are available when the LDAP option is active. The options are:
|
The Acceptable Use Policy section allows you to create the AUP message window for users. You can use HTML formatting in the body of your message. Clicking Example Template creates a preformatted HTML template for your AUP window.
|
1
|
|
2
|
Select which users will see the AUP page by selecting the Display on login from check boxes. For SonicOS Enhanced, select the zones that displays the AUP page. For SonicOS Standard, select the network interfaces.
|
|
3
|
Configure the dimensions of the AUP window in pixels in the Window size (pixels) fields.
|
|
4
|
Click Enable scroll bars on the window to allow users to scroll through the AUP window contents.
|
|
5
|
Enter the text for the AUP in the Acceptable use policy page content. The content can include HTML formatting. The page that is displayed to the user includes an I Accept button or Cancel button for user confirmation.
|
|
6
|
Click Example Template to create a preformatted HTML template for your AUP window.
|
|
7
|
Click Preview to display your AUP message as it appears for the user.
|
|
8
|
Click Update.
|
|
1
|
Click Add.
|
|
2
|
In the Enter URL window, enter the top level URL you are adding.
For example: www.SonicWALL.com, all sub directories of that URL are included, such as www.SonicWALL.com/us/Support.html. |
|
3
|
Click on OK to add the URL to the list.
|
|
1
|
On the Users > Settings page, scroll down to the Customize Login Pages section.
|
|
2
|
Select the page to be customized from the Select Login Page pulldown menu.
|
|
3
|
Scroll to the bottom of the page and click Default to load the default content for the page.
|
|
5
|