Monday, August 12, 2013

How to Setup a SonicWall for RADIUS authentication of multiple groups - Part 2

Now login into the SonicWall and go to Users, Settings:
Change Authentication method for login to RADIUS + Local Users and click Configure...

Set the Primary Server and set the Shared Secret set on the RADIUS server in part 1. If there is a secondary RADIUS server set the server and shared secret. Click on RADIUS Users

Set "Use RADIUS Filter-Id attribute on RADIUS server". Click OK to save the RADIUS settings.

Go to Local Groups under Users. Create groups that match the name given in Active Directory groups created in part 1. Open the newly created group and go to VPN Access tab. For the the Full Access VPN group add the LAN Subnet and any other networks the full VPN users will need.

For the restricted group add only the servers the restricted vpn users will need.

Finally for the VPN Admins group add the needed networks to the VPN access list and then add the group VPN Admins to the built in group SonicWall Administrators.

Once saved, you are ready to go with RADIUS authentication.