SonicWALL 5.8.1 Microscope & Magnifier User Manual


  Open as PDF
of 1490
 
User Management
1060
SonicOS 5.8.1 Administrator Guide
This change in default authentication protocol order, combined with the iOS behavior of
accepting the first supported authentication protocol will default to SonicOS and iOS devices
using RADIUS authentication (because Active Directory does not support CHAP, MS-CHAP, or
MS-CHAPv2).
To force L2TP connections from iOS devices to use LDAP instead of RADIUS, follow the steps
outlined below.
1. Navigate to the VPN > L2TP Server page.
2. Click Configure.
3. Click on the PPP tab.
4. Ensure that PAP is moved to the top of the list.
5. Click OK.
Note The order of authentication protocols can also be changed to force L2TP connections from
iOS devices to use RADIUS by moving PAP to the bottom of the list.
Configuring Single Sign-On
Configuring SSO is a process that includes installing and configuring the SonicWALL SSO
Agent and/or the SonicWALL Terminal Services Agent (TSA), and configuring a SonicWALL
security appliance running SonicOS Enhanced to use the SSO Agent or TSA. You can also
configure SSO to use browser NTLM authentication with HTTP traffic, with or without the SSO
Agent. For an introduction to SonicWALL SSO, see “Single Sign-On Overview” on page 1002.
Note The SonicOS SSO feature is capable of working in Virtual Machine environments, but is not
officially supported. This is due to the variety of potential resource consuming environments
of VM deployments, making it not practicable to effectively test and verify all possible
permutations.