User Guide

SonicWALL VPN Page 153
RADIUS and XAUTH Authentication
An IKE Security Association can be configured to require RADIUS authentication before
allowing VPN clients to access LAN resources. This authentication provides an additional
layer of VPN security while simplifying and centralizing management. RADIUS
authentication allows many VPN clients to share the same VPN configuration, but requires
each client to authenticate with a unique user name and password. Because a RADIUS
server controls network access, all employee privileges can be created and modified from
one location.
Note: The SonicWALL RADIUS implementation supports Steel-Belted RADIUS by Funk
Software. A 30-day demo version of Steel-Belted RADIUS can be downloaded from
<http://www.funk.com>. RSA ACE/Server using SecurID tokens can also be used for
authentication.
To enforce RADIUS authentication, complete the following instructions.
1. Click VPN on the left side of the browser window and then click the Configure tab.
2. Select IKE using pre-shared secret from the IPSec Keying Mode menu.
3. Configure the Security Association as specified in the IKE Configuration for the
VPN Client section. Select the Require XAUTH/RADIUS (only allows VPN
clients) checkbox in the Advanced Settings window.
Note: Only SonicWALL VPN Clients can authenticate to a RADIUS server. Users tunneling
from another VPN gateway, such as a second SonicWALL, are not able to complete the VPN
tunnel if the Require XAUTH/RADIUS checkbox is selected.
integrated_manual.book Page 153 Friday, October 12, 2001 2:56 PM