Page 280 SonicWALL Internet Security Appliance Administrator’s Guide
Appendix I - Configuring RADIUS and ACE Servers
Individual users must have their privileges defined on the RADIUS server used for authenticating the
users. Global user privileges can be configured on the RADIUS tab of the SonicWALL management
interface, but SonicWALL-specific privileges must be configured on the RADIUS server.
Different vendors also have different methods of configuring the privileges on their servers. In some
cases, it can be complex, but most allow for the configuration of group profiles or policies which
means you can configure the attributes once per group.
This Appendix describes the configuration of user privileges on various vendors of RADIUS servers,
and also notes the particular RADIUS servers which support CHAP (Challenge Handshake
Authentication Protocol) mode. CHAP support is required if HTTPS is not available for logging into
the SonicWALL.
Steel Belted RADIUS (Funk Software)
Steel Belted RADIUS server version 3.0 from Funk Software supports pre-configuration of vendor-
specific attributes in a vendor-specific dictionary file. SonicWALL.dct is the new dictionary file for the
SonicWALL.
To configure the Steel Belted RADIUS server to include the SonicWALL.dct file, use the following
instructions:
1. Locate the directory that Steel Belted RADIUS is installed, C:\RADIUS by default, and copy the
SonicWALL.dct file into C:\RADIUS\Service folder.
2. Edit the vendor.ini file located in the Service folder using Notepad. Add the following lines so
that they are in alphabetical order with the other vendor products in the file:
3. Edit the dictiona.dcm file using Notepad, and add the entry @sonicwall.dct to it, keeping the
entry in alphabetical order with the existing entries.
4. Restart the Windows service called Steel Belted RADIUS Service.
5. Run the Steel Belted RADIUS Administrator.
6. Click RAS Clients, and select SonicWALL Firewall from the Make/Model list. Click Save.
If there is no entry for SonicWALL Firewall, be sure that steps 2 and 3 were performed correctly.
Table 1:
vendor-product = SonicWALL Firewall
dictionary = SonicWALL
ignore-ports = no
port-number-usage = per-port-type
help-id = 2000