Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

SMA user accounting on NSA issue

gabfotgabfot Newbie ✭
edited April 2022 in Mid Range Firewalls

Hello all,


I'm a newbie with SMA products and got an issue. I use SMA with AD user logins and after login, the NSA firewall is not received the user login name. In this case, if I have an AD group filter on the NSA network rule user can not reach the dev tools for example. In the NSA users tab, I see the login IP as an unknown user.

Can you please advise me something where to start?

Devices: NSA 2600 & SMA 410


Thank you!

Category: Mid Range Firewalls
Reply

Answers

  • BWCBWC Cybersecurity Overlord ✭✭✭

    @gabfot there is no sync between users logged into the SMA and the NSA, the NSA is not aware which AD user is represented by a NetExtender Client IP. It might be possible with Radius (instead of LDAP) and sending the Radius Accounting to the Firewall, but I never used it The SSO API might be another option if you can trigger the API call after sucessfull login.

    Long story short, it's not that easy and not possible out of the box.

    --Michael@BWC

Sign In or Register to comment.