SonicWALL 5.8.1 Microscope & Magnifier User Manual


  Open as PDF
of 1490
 
SSL VPN
935
SonicOS 5.8.1 Administrator Guide
Configuring Users for SSL VPN Access
In order for users to be able to access SSL VPN services, they must be assigned to the
SSLVPN Services group. Users who attempt to login through the Virtual Office who do not
belong to the SSLVPN Services group will be denied access. The following sections describe
how to configure user accounts for SSL VPN access:
“Configuring SSL VPN Access for Local Users” section on page 935
“Configuring SSL VPN Access for RADIUS Users” section on page 936
“Configuring SSL VPN Access for LDAP Users” section on page 936
Configuring SSL VPN Access for Local Users
To configure users in the local user database for SSL VPN access, you must add the users to
the SSLVPN Services user group. To do so, perform the following steps:
Step 1 Navigate to the Users > Local Users page.
Step 2 Click on the configure icon for the user you want to edit, or click the Add User button to
create a new user. The Edi
t User window is launched.
Step 3 Click on the Groups tab.
Step 4 In the User Groups column, click on SSLVPN Services and click the right arrow to move it to
the Member Of column.
Step 5 Click on the VPN Access tab. The VPN Access tab configures which network resources VPN
users (either GVC, NetExtender, or Virtual Office bookmarks) can access. Select one or more
network address objects or groups from the Networks list and click the right arrow button (->)
to move them to the Access List column. To remove the user’s access to a network address
objects or groups, select the network from the Access List, and click the left arrow button (<-).
Note The VPN access tab affects the ability of remote clients using GVC, NetExtender, and SSL
VPN Virtual Office bookmarks to access network resources. To allow GVC, NetExtender, or
Virtual Office users to access a network resource, the network address objects or groups
must be added to the “allow” list on the VPN Access tab.
Step 6 Click OK.
Note The feature, One-Time Password, is a two-factor authentication scheme utilizing system-
generated, random passwords, in addition to standard user name and password credentials,
for users attempting to login through SSL VPN connections. For more information on
configuring this feature, see “One-Time Password” section on page 1001.