I'm attempting to add users on the sonicwall from my windows AD. I want the windows logon password to be the VPN password.
Users>Local users> import from ldap > I pick the user and they are created.
I think you want to select LDAP + Local Users
and not just Local Users
if you want to integrate LDAP / Active Directory with SonicWALL UTM Appliance. Also follow the other steps in these instructions to make sure you are configuring it correctly for your needs.
Integrating LDAP/Active Directory with Sonicwall UTM Appliance (With video tutorial)
Procedure:
- Go to Users > Settings page
- In the Authentication method for login drop-down list, select **LDAP + Local Users** and Click Configure
- On the Settings tab of the LDAP Configuration window, configure the following fields
- On the Directory tab, configure the following fields:
  - Primary domain: The user domain used by your LDAP implementation
  - User tree for login to server: The location of where the tree is that the user specified in the settings tab
  - Click on Auto-configure
  - Select Append to Existing trees and Click OK

  This will populate the Trees containing users and Trees containing user groups fields by scanning through the directories in search of all trees that contain user objects.
- On the Schema tab, configure the following fields:
  - LDAP Schema: Microsoft Active Directory
- On the LDAP Users tab, configure the following fields:
  - Default LDAP User Group: Trusted Group
How to Test:
On the LDAP Test tab, Test a Username and Password in Active directory to make sure that the communication is successful.
source
You also say...
I'm getting this "warning" when I click some screens. "Note that LDAP authentication is selected with Active Directory, and it does not support CHAP authentication via LDAP. If L2TP users are to use CHAP then you should configure RADIUS so that it can be used for this, if you have not already done so." It seems you may want to follow this path of navigation in the SonicWALL configuration to integrate LDAP/Active Directory with SonicWALL
My end remote users are NOT using chap. Does this in any way apply to sonicwall <--> Active Directory communication?
According to SonicOS: Enabling RADIUS to LDAP Relay for L2TP authentication in SonicOS Enhanced, depending on your configuration, you may need to configure the central SonicWALL to operate as a RADIUS server, or else look into setting up a RADIUS server and configuring the SonicWALL and other applicable settings (for example, LDAP Relay).
LDAP does not usually support CHAP/MSCHAP authentication (Microsoft Active Directory and Novell eDirectory do not). The SonicWALL will automatically divert CHAP/MSCHAP authentications to RADIUS if LDAP does not support it and RADIUS is configured, so configure RADIUS if that is the case and L2TP server or VPN client connections are to use CHAP/MSCHAP.
The RADIUS to LDAP Relay feature is designed for use in a topology where there is a central site with an LDAP/AD server and a central SonicWALL with remote satellite sites connected into it via low-end SonicWALL security appliances that may not support LDAP. In that case the central SonicWALL can operate as a RADIUS server for the remote SonicWALLs, acting as a gateway between RADIUS and LDAP, and relaying authentication requests from them to the LDAP server.
source
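
The reason behind the warning quoted above, as an added example (not part of the original answer and not SonicOS code): a CHAP response (RFC 1994) is a hash over a challenge and the password, so checking it needs the cleartext secret, while an LDAP server only offers a bind that checks a password presented to it. `Directory`, `authenticate` and the sample credentials are constructed for illustration, and the routing is a simplified model of the divert-to-RADIUS behaviour the quoted text describes.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP response: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Directory:
    """Constructed stand-in for an LDAP server: keeps a salted hash, offers only bind()."""

    def __init__(self):
        self._users = {}

    def add(self, user: str, password: bytes) -> None:
        salt = os.urandom(16)
        self._users[user] = (salt, hashlib.pbkdf2_hmac("sha256", password, salt, 10_000))

    def bind(self, user: str, password: bytes) -> bool:
        if user not in self._users:
            return False
        salt, stored = self._users[user]
        candidate = hashlib.pbkdf2_hmac("sha256", password, salt, 10_000)
        return hmac.compare_digest(stored, candidate)


def authenticate(directory, radius_secrets, user, *, password=None, chap=None) -> str:
    """Return the back end that accepted the login, or 'rejected'.

    password: cleartext sent by the client, which an LDAP bind can check.
    chap: (identifier, challenge, response). Checking it needs the cleartext
          secret, which bind() never exposes, so it goes to RADIUS if configured.
    radius_secrets: hypothetical RADIUS-side user -> secret map, or None.
    """
    if password is not None:
        return "ldap" if directory.bind(user, password) else "rejected"
    if chap is not None and radius_secrets is not None:
        identifier, challenge, response = chap
        secret = radius_secrets.get(user)
        if secret is not None and hmac.compare_digest(
            chap_response(identifier, secret, challenge), response
        ):
            return "radius"
    return "rejected"
```

With no RADIUS back end configured, a CHAP login is rejected even when the password is right, which is the case the warning is about; clients that send the password itself are handled by the LDAP bind alone.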