Local groups are displayed in the
Local Groups
table. The table lists Name
, Bypass Content
Filters
, Guest Services
, Admin
(access type), VPN Access
, and Configure
.
A default group,
Everyone
, is listed in the table. Click the edit icon in the Configure
column to review or change the settings for Everyone
.
See the following sections for configuration instructions:
This section describes how to create a local group, but also applies to editing existing local
groups. To edit a local group, click the edit icon in same line as the group that you want to edit, then follow the steps in this procedure.
When adding or editing a local group, you can add other local groups as members of the group.
To add a local group:
Step 1
|
Click the
Add Group
button to display the Add Group
window.
|
Step 2
|
On the
Settings
tab, type a user name into the Name
field. Optionally, you may select the Members go straight to the management UI on web login
checkbox. This selection will only apply if this new group is subsequently given membership in another administrative group. You may also select the Require one-time passwords
checkbox to require SSL VPN users to submit a system-generated password for two-factor authentication. Users must have their email addresses set when this feature is enabled.
|
Step 3
|
On the
Members
tab, to add users and other groups to this group, select the user or group from the Non-Members Users and Groups
list and click the right arrow button ->.
|
Step 4
|
The
VPN Access
tab configures which network resources VPN users (either GVC, NetExtender, or Virtual Office bookmarks) can access. On the VPN Access
tab, select one or more networks from the Networks
list and click the right arrow button (->
) to move them to the Access List
column. To remove the user’s access to a network, select the network from the Access List
, and click the left arrow button (<-
).
|
|
Note
|
The
VPN access
tab affects the ability of remote clients using GVC, NetExtender, and SSL VPN Virtual Office bookmarks to access network resources. To allow GVC, NetExtender, or Virtual Office users to access a network resource, the network address objects or groups must be added to the “allow” list on the VPN Access
tab.
|
Step 5
|
On the
CFS Policy
tab, to enforce a custom Content Filtering Service policy for this group, select the CFS policy from the Policy
drop-down list.
|
Step 6
|
On the
Bookmark
tab, administrators can add, edit, or delete Virtual Office bookmarks for each group.
|
You can configure local user groups on the SonicWALL by retrieving the user group names from
your LDAP server. The Import from LDAP...
button launches a dialog box containing the list of user group names available for import to the SonicWALL.
Having user groups on the SonicWALL with the same name as existing LDAP/AD user groups
allows SonicWALL group memberships and privileges to be granted upon successful LDAP authentication.
To import groups from the LDAP server:
Step 1
|
In the
Users > Settings
page, set the Authentication Method
to LDAP
.
|
Step 2
|
In the
Users > Local Groups
page, click Import from LDAP...
.
|
Step 3
|
In the
LDAP Import User Groups
dialog box, optionally select the checkbox for groups that you do not want to import, and then click Remove from list
.
|