SonicWALL SonicWALL UTM Appliance manual

Page 57

It’s not that hard of a stretch to see that if you are using LDAP integration, you could essentially build guest accounts and profiles in LDAP and then leverage that guest group in the same ways we’ve shown above. However, that may be more time consuming then necessary for administrators, especially when guests come and go frequently. SonicOS supports creating local Guest Accounts within the context of the appliance’s internal guest services. This makes it easy to rapidly create guest accounts, retire guest accounts, and set restriction policies on guests such as time allowed online, CFS, login uniqueness and so forth.

To setup wireless guest services please follow the directions in the following knowledge base articles:

Wireless: How to manually configure the Wireless Guest Services (WGS) in SonicOS Standard

Wireless: How to manually configure WGS (Wireless Guest Services) in SonicOS Enhanced (Tz Series)

Wireless: How to manually configure WGS (Wireless Guest Services) in SonicOS Enhanced (SonicWALL Pro Units)

Wireless: Creating Users in Wireless Guest Services (WGS) i

LHM – Lightweight Hotspot Messaging – External Authentication for Wireless Users

LHM, while outside the scope of this document, does warrant mention here. LHM provides a mechanism to authenticate wireless hotspot users to a backend server. For example, coffee shops, restaurants, and hotels, have used LHM to build custom portals with their means of authenticating users, billing customers for usage, and tracking accounts. Sonicwall provides the tools necessary to deliver such a solution in a flexible manner.

More information can be found in the Sonicwall KB articles by searching for “LHM” as well as the following link. http://www.sonicwall.com/downloads/SonicWALL_LHM.pdf

Created by Rob Andrews 4/30/09 with references & content from existing Sonicwall KB articles

57

Image 57
Contents Contents Page Integrating LDAP/Active Directory with Sonicwall UTM Configuring the CA on the Active Directory ServerImporting the CA Certificate onto the SonicWALL Configuring the SonicWALL Appliance for LdapPage Page Page Page Page Page Page Enable Radius to Ldap Relay Enables this feature Authentication Page Page Page Creating Firewall Rules with Ldap Groups/Users SonicOS Options That Leverage Groups/UsersPage Page Firewall Rules with Bandwidth Management & Logging Page Blocking Domains with Firewall Rules Blocking Websites Domain Names for Groups/UsersPage Page Navigate to Firewall Access Rules Create a rule to allow Http traffic for your allowed lists Do the same for Https Create the deny rules for Http and Https Firewall rules should now look like the below picture Blocking Https SSL Domains with SSL Control Configuring a SSL Blacklist and Whitelist Page Applying Different CFS Policies to Groups Page Creating Custom CFS Policies Navigate to the Policy tab and add a new CFS policy Page Page Page Http//$$fwinterface$$/$#SWLSTYLESCSS#$ Variables for Custom Block Page in SonicOSAdvanced Sample Code for SonicOS Basic Sample Code for SonicOSPage Page Sample Code for SonicOS 5.1 or Earlier Sample JavaScript Code for SonicOSApplying Application Firewall Polices to Groups/Users Page Page Page Page Tightening Control over the Browsing Behavior of Users Blocking IM Traffic Categorically Applying Granular IM Policies Global VPN Client GVC Applying VPN Access Policies to Groups/UsersPage SSL-VPN NetExtender Guest Services Wireless Guest Services