SonicWALL 5.8.1 Microscope & Magnifier User Manual


User Management
SonicOS 5.8.1 Administrator Guide
Step 10 On the LDAP Relay tab, configure the following fields:

The RADIUS to LDAP Relay feature is designed for use in a topology where there is a central site with an LDAP/AD server and a central SonicWALL with remote satellite sites connected into it via low-end SonicWALL security appliances that may not support LDAP. In that case the central SonicWALL can operate as a RADIUS server for the remote SonicWALLs, acting as a gateway between RADIUS and LDAP, and relaying authentication requests from them to the LDAP server.

Additionally, for remote SonicWALLs running non-enhanced firmware, with this feature the central SonicWALL can return legacy user privilege information to them based on user group memberships learned via LDAP. This avoids what can be very complex configuration of an external RADIUS server such as IAS for those SonicWALLs.

Enable RADIUS to LDAP Relay – Enables this feature.

Allow RADIUS clients to connect via – Check the relevant checkboxes and policy rules will be added to allow incoming RADIUS requests accordingly.

RADIUS shared secret – This is a shared secret common to all remote SonicWALLs.

User groups for legacy VPN users – Defines the user group that corresponds to the legacy ‘Access to VPNs’ privileges. When a user in this user group is authenticated, the remote SonicWALL is notified to give the user the relevant privileges.

User groups for legacy VPN client users – Defines the user group that corresponds to the legacy ‘Access from VPN client with XAUTH’ privileges. When a user in this user group is authenticated, the remote SonicWALL is notified to give the user the relevant privileges.

User groups for legacy L2TP users – Defines the user group that corresponds to the legacy ‘Access from L2TP VPN client’ privileges. When a user in this user group is authenticated, the remote SonicWALL is notified to give the user the relevant privileges.
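
The relay only works when every remote SonicWALL and the central SonicWALL hold the same RADIUS shared secret. As an added illustration (not part of the SonicOS guide, and not SonicWALL code), the Python below implements the standard RFC 2865 User-Password hiding that a RADIUS PAP request uses, showing what the secret protects in transit. It assumes PAP is the method in use; the secret, password and authenticator values are constructed.

```python
import hashlib

def _xor16(block: bytes, secret: bytes, prev: bytes) -> bytes:
    # One 16-byte step: XOR the block with MD5(shared secret + previous value).
    key = hashlib.md5(secret + prev).digest()
    return bytes(b ^ k for b, k in zip(block, key))

def hide_password(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """RADIUS client side (RFC 2865 section 5.2): hide a PAP password."""
    if not 1 <= len(password) <= 128 or len(request_auth) != 16:
        raise ValueError("password must be 1-128 bytes, authenticator 16 bytes")
    padded = password + b"\x00" * (-len(password) % 16)
    hidden, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        prev = _xor16(padded[i:i + 16], secret, prev)  # ciphertext chains forward
        hidden += prev
    return hidden

def recover_password(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """RADIUS server side: reverse the hiding to get the password to check."""
    if not hidden or len(hidden) % 16 or len(request_auth) != 16:
        raise ValueError("hidden value must be a non-empty multiple of 16 bytes")
    plain, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        plain += _xor16(block, secret, prev)
        prev = block
    return plain.rstrip(b"\x00")

# Constructed sample values, not taken from the guide.
REQUEST_AUTH = bytes(range(16))          # normally 16 random bytes per request
RELAY_SECRET = b"constructed-shared-secret"
PASSWORD = b"constructed user password"  # 25 bytes, so two 16-byte blocks

if __name__ == "__main__":
    hidden = hide_password(PASSWORD, RELAY_SECRET, REQUEST_AUTH)
    print("hidden attribute value:", hidden.hex())
    print("central, same secret  :", recover_password(hidden, RELAY_SECRET, REQUEST_AUTH))
    print("central, wrong secret :", recover_password(hidden, b"mismatch", REQUEST_AUTH))
```

With a mismatched secret the recovery step returns different bytes rather than raising an error, so in this scheme a wrong secret on one appliance shows up only as rejected logins from that site.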