Extensive features are available on the Access>Users page for managing authentication and access to the network. Authentication can be performed using a local user database, RADIUS, or a combination of the two applications. Currently, when a VPN tunnel is established between two SonicWALL appliances, any users residing on the local LAN of each SonicWALL can send data across the VPN. In some cases, complete user access could be a security risk, and only authenticated users access the VPN tunnel and send data across the network.
Time users out after 5 minutes of inactivity - Enter the number of allowable inactivity minutes before a user is automatically logged out of the network via the SonicWALL.
Limit login session time to - Limit the length of time, in minutes, that a user is allowed to be logged into the network via the SonicWALL. When a user logs into the SonicWALL using a username and password, the user can also set the maximum login session time, but it cannot be longer than the time configured by the administrator. If Limit login session time to is not selected, then the user has unlimited login session time on the SonicWALL.
Use RADIUS - Select Use Radius if you have configured RADIUS to authenticate users accessing the network through the SonicWALL. If you have more than 100 users requiring authentication, you must use a RADIUS server. If you select Use RADIUS, users must log into the SonicWALL using HTTPS in order to encrypt the password sent to the SonicWALL. If a user attempts to log into the SonicWALL using HTTP, the browser is automatically redirected to HTTPS.
Allow only users listed below - Enable this setting if you have a subset of RADIUS users accessing the SonicWALL. The user names must be added to the internal SonicWALL user database before they can be authenticated using RADIUS.
User Name - Type in the username for the user.
Password - Type in the login password for the user.
Confirm Password - Type in the login password again to confirm it.
Alert! By enabling Remote Access, you allow unencrypted traffic over the Internet.
Access to VPNs - Enable the check box if the user can send information over the VPN Security Associations with authentication enforcement.
Tip! The SonicWALL supports up to 100 users requiring RADIUS authentication in the local database.
Alert! You must add a user to the Local Database to enforce access privileges.
To add a new user, complete the following steps.
Highlight -Add New User- in the Current User list box.
Enter the name of a user into the User Name field.
Enter the user password in the Password and Confirm Password field. The password is case-sensitive.
Choose the privileges to be enabled for the user by selecting the appropriate check boxes.
Click Update to add the user to the SonicWALL database.
To remove a user, highlight the User Name, and click Remove User.
A list of all current users is displayed in a table at the bottom of the page. The Current Users table lists the User Name, the IP Address of the user, the Session Time, Time Remaining of the session, and the Inactivity Remaining time.
A list of current users locked after failing to log into the SonicWALL correctly is displayed in this section. The table lists the User Name Tried, the IP Address, Lockout Time Remaining, and an Unlock icon. The Unlock icon is used by the Administrator to allow the user access to the SonicWALL. Click the icon to enable access for the user.
When a user other than the administrator logs into the SonicWALL Management interface, a page is displayed with the users privileges listed. The user can set the maximum time for a login session, but it cannot be longer than the session time set by the administrator. The connection closes when the user exceeds the inactivity time-out period or the maximum session time is exceeded. If the connection is closed, the user must re-authenticate to regain their access through the SonicWALL.
Logging into the SonicWALL as the administrator automatically gives the user access to all VPN tunnels requiring authentication.
Tip! Authentication sessions create a log entry in the SonicWALL, but user activity is not logged.
Help Table of Contents