Score:1

SonicWall SSL VPN with both AD and local users

de flag

I'm currently setting up a VPN for our enterprise users using SonicWall SSL VPN and the NetExtender client on Windows 10 (no mobiles devices).

The firewall is querying the Active Directory database for users in a specific group, which are authorized to use the VPN. When those users connect to the VPN using NetExtender, the domain used is "xxx.local" and It works fine.

But when a local user (created on the firewall itself) wants to login, using the "xxx.local" domain fails with bad credentials, which makes sense.

Therefore, what is the domain to be used for local users when connecting to the VPN using NetExtender? Is there a way to use both of those account types?

EDIT: here are the settings we have currently set up for the SSL VPNSonicwall settings

Score:1
cn flag

Yes you can use both account type; please use LocalDomain for the domain, case sensitive.

LeRouteur avatar
de flag
Thanks for your answer. Sadly, this is not working. Since we have set up the domain to be "xxx.local" in the SSL VPN Server Settings, it's not working (see added picture in the question). Have we done it the right way? Most users will be AD users, thus connecting using our AD domain.
yagmoth555 avatar
cn flag
@LeRouteur Tried in the username field when the user connect to enter username@LocalDomain ? as a workaround, even if it's wrote under your real domain.
LeRouteur avatar
de flag
Sadly no, it does not work. Do you want me to grab some logs on the Sonicwall or the NetExtender?
Score:0
de flag

Just found the answer: there is a group called "SSLVPN Services" in which you can add the local users, and even if the domain is set in the NetExtender client, they will connect using their local account. I also opened a case at the SonicWALL support for some other problems, and they told me about this issue that it was preferable to use LDAP accounts instead of mixed ones (local + LDAP).

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.