UTM SSL-VPN: How to configure LDAP authentication for SSL-VPN Users. (SW8554)

  • Title

    UTM SSL-VPN: How to configure LDAP authentication for SSL-VPN Users.
  • Resolution

    Article Applies To:

    SonicWALL Security Appliance Platforms:

    Gen6 SM E10000 series: NSA E10800, NSA E10400, NSA E10200, NSA E10100
    Gen6 SM 9000 series: NSA 9600, NSA 9400, NSA 9200
    Gen6 NSA Series: NSA 6600, NSA 5600, NSA 4600, NSA 3600, NSA 2600

    Gen5 NSA E-Class series: NSA E8510, E8500, NSA E7500, NSA E6500, NSA E5500
    Gen5 NSA series: NSA 5000, NSA 4500, NSA 3500, NSA 2400, NSA 2400 MX, NSA 240, NSA 220, NSA 220 /W. NSA 250M, NSA 250M /W.
    Gen5 TZ Series: TZ 215, TZ 215 W, TZ 210, TZ 210 W,  TZ 205, TZ 205 W, TZ 200, TZ 200 W, TZ 105, TZ 105 W, TZ 100, TZ 100 W

    Firmware/Software Version: 
    Gen5: SonicOS (5.2 to 5.8) Firmware
    Gen6: SonicOS (6.X & above) Firmware

    Services: SSL-VPN, LDAP


    This article outlines all necessary steps to configure LDAP authentication for SSL-VPN users.



    SSL-VPN Settings

    • Login to the SonicWALL Mangement GUI
    • Navigate to the SSL-VPN > Server Settings page.
    • Click on WAN to enable SSL-VPN on the WAN zone.


    • Navigate to the SSL VPN > Client Settings page and enter the following information:

    • Navigate to the Client Routes page and enter the following information:

    LDAP Settings

    • Navigate to the Users > Settings page.
    • Select LDAP (or LDAP + Local Users) as authentication method and click on Configure.
    • Enter the following information to configure LDAP authentication:

    • In the following screenshot, a group called SSL-VPN Users is being imported. This or a similar group needs to have been created in the AD before performing this action.

    User Settings

    • Navigate to the Users > Local Groups page.
    • Click on configure on the newly imported SSL-VPN Users group.
    • Under VPN Access tab select LAN Subnets or any other subnets that you wish to allow for this user group.
    • Click on OK to save the settings.

    • To make SSL-VPN Users group a member of the SSLVPN Services group, click on Configure on SSLVPN Services and add SSL-VPN Users group as a member.
    • Click on OK.

    As per the above configuration, only members of the group SSL-VPN Users will be able to connect to SSL-VPN.

  • Key Words


SonicWALL NSA Series
4500, 3500, 2400
SonicWALL E-Class NSA Series
E8500, E7500, E6500, E5500
SonicWALL TZ Series
210W, 210, 200W, 200, 100W, 100

Technical Solutions

Article History:
Created on: 12/9/2010
Last Update on: 5/13/2014

Feedback submitted.

Did this article help?

[Select Rating]

Thank you for your rating!


Request or Create a KB Article »