User Management
SonicOS 5.8.1 Administrator Guide
• User groups for legacy users with Internet access – Defines the user group that
corresponds to the legacy ‘Allow Internet access (when access is restricted)’ privileges.
When a user in this user group is authenticated, the remote SonicWALL is notified to give
the user the relevant privileges.
Note The ‘Bypass filters’ and ‘Limited management capabilities’ privileges are returned based on
membership in the user groups named ‘Content Filtering Bypass’ and ‘Limited Administrators’;
these are not configurable.
Step 11 Select the Test tab to test the configured LDAP settings:
The Test LDAP Settings page allows for the configured LDAP settings to be tested by
attempting authentication with specified user and password credentials. Any user group
memberships and/or framed IP address configured on the LDAP/AD server for the user will be
displayed.
Configuring L2TP to use LDAP for MacOS and iOS Connections
Some care must be taken when configuring devices running MacOS or Apple iOS (iPad/iPhone/iPod
touch) for L2TP connections using either LDAP or RADIUS. This is because iOS devices
accept the first supported authentication protocol that is proposed by the server. The default
authentication protocol order changed in SonicOS beginning in releases 5.8.0.8
and 5.8.1.1. Here are the default authentication protocol orders:
• Prior to 5.8.0.8 and 5.8.1.1: CHAP, PAP, MS-CHAP, MS-CHAPv2.
• 5.8.0.8 and 5.8.1.1 and above: MS-CHAPv2, CHAP, MS-CHAP, PAP.
Note Upgrades from previous firmware versions will retain the original ordering. The new ordering
is set on new installations only.
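Added example (not from the SonicOS guide): a Python script that works out which default order a unit carries from the firmware it was first installed with, and which protocol a client that accepts the first supported proposal ends up using. The inventory, the client capability set, the function names, and the reading of the two thresholds as per-release-train cut-offs are assumptions; it also assumes the order was never changed from the default.

```python
# Orders and version thresholds below are the ones listed in the text above.
OLD_ORDER = ["CHAP", "PAP", "MS-CHAP", "MS-CHAPv2"]   # prior to 5.8.0.8 / 5.8.1.1
NEW_ORDER = ["MS-CHAPv2", "CHAP", "MS-CHAP", "PAP"]   # 5.8.0.8 / 5.8.1.1 and above


def parse_version(text):
    """Turn '5.8.0.8' into (5, 8, 0, 8); missing fields count as 0."""
    parts = [int(p) for p in text.strip().split(".")]
    if not 1 <= len(parts) <= 4:
        raise ValueError(f"unexpected version string: {text!r}")
    return tuple(parts + [0] * (4 - len(parts)))


def default_order(original_install_version):
    """Default order for a unit, keyed on the firmware it was first installed
    with, because upgrades retain the original ordering.

    Assumption: the 5.8.0.x train switches at 5.8.0.8 and everything else
    switches at 5.8.1.1.
    """
    v = parse_version(original_install_version)
    if v[:3] == (5, 8, 0):
        return NEW_ORDER if v >= (5, 8, 0, 8) else OLD_ORDER
    return NEW_ORDER if v >= (5, 8, 1, 1) else OLD_ORDER


def first_match(server_order, client_supported):
    """Protocol chosen by a client that accepts the first supported proposal."""
    for proto in server_order:
        if proto in client_supported:
            return proto
    return None  # no common protocol: authentication cannot proceed


def audit(inventory, client_supported):
    """Map unit name -> protocol a first-match client would negotiate."""
    return {name: first_match(default_order(ver), client_supported)
            for name, ver in inventory.items()}


# Constructed inventory: unit name -> firmware version at first installation.
INVENTORY = {"branch-a": "5.8.0.7", "branch-b": "5.8.0.8",
             "hq-1": "5.8.1.0", "hq-2": "5.8.1.1", "lab": "5.6.0.11"}
# Constructed client capability set (assumption, not from the guide).
CLIENT = {"PAP", "CHAP", "MS-CHAPv2"}

if __name__ == "__main__":
    for unit, proto in audit(INVENTORY, CLIENT).items():
        print(f"{unit:10s} {proto}")
```

Units that were upgraded into 5.8.0.8 or 5.8.1.1 and later still report the older order here, which is why the inventory records the version at first installation instead of the running version.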