User Management
1040
SonicOS 5.8.1 Administrator Guide
• With L2TP, the relevant RADIUS protocol is automatically selected according to the PPP
protocol being used.
• With VPN including Global VPN Client, RADIUS MSCHAP/MSCHAPv2 mode can be forced
to allow password updating. This can be selected in the VPN > Advanced page and the SSL
VPN > Server Settings page.
• Other scenarios all involve authenticating internal users and there is no need to provide a
mechanism for password update (they can do it locally on their PCs). Standard RADIUS
mode is used in this case.
• The Allow HTTP login with RADIUS CHAP mode option on the Users > Settings page
allows users to log in via HTTP rather than HTTPS when using RADIUS to authenticate
them. CHAP mode provides a challenge protocol for authentication so that the browser
does not send the user’s password in the clear over HTTP.
To configure RADIUS settings:
Step 1 Click Configure to set up your RADIUS server settings on the SonicWALL. The RADIUS
Configuration window is displayed.
Step 2 Under Global RADIUS Settings, type in a value for the RADIUS Server Timeout (seconds).
The allowable range is 1-60 seconds with a default value of 5.
Step 3 In the Retries field, enter the number of times the SonicWALL will attempt to contact the
RADIUS server. If the RADIUS server does not respond within the specified number of retries,
the connection is dropped. This field can range between 0 and 10, with a recommended setting
of 3 RADIUS server retries.