top of page
  • Facebook
  • Instagram
  • LinkedIn
  • X
  • Whatsapp
Search

Step-by-Step Guide to NPS Configuration for SonicWall Firewall

Configuring Network Policy Server (NPS) for authentication with a SonicWall firewall using RADIUS ensures secure and centralized user authentication. This guide provides a detailed step-by-step approach to setting up NPS on a Windows Server and integrating it with SonicWall.

Note: This SonicWall configuration has not been tested in a production environment. Please test in a lab setup before implementing it in production.

Step 1: Install NPS Role on Windows Server


  1. Open Server Manager.

  2. Navigate to Manage > Add Roles and Features.

  3. In the Roles section, select Network Policy and Access Services and click Next.

  4. Under Role Services, select Network Policy Server and complete the installation.


Step 2: Add RADIUS Servers to NPS

Open NPS Console


  1. Press Windows Key + R, type nps.msc, and press Enter.


Configure RADIUS Clients


  1. In the NPS console, navigate to NPS (Local) > RADIUS Clients and Servers > RADIUS Clients.

  2. Right-click RADIUS Clients and select New RADIUS Client.

  3. Enter the details:

  4. Check Add to the list of RADIUS clients.

  5. Click OK.


Step 3: Create and Configure the Network Policy for SonicWall


  1. In the Network Policies section, ensure that policies responsible for authenticating users are correctly set up.

  2. Ensure both primary and secondary RADIUS servers send the correct SonicWall-Privilege-Level attribute:


Enable Unencrypted Authentication (PAP, SPAP)


  1. Open the policy.

  2. Select Unencrypted authentication (PAP, SPAP).


Step 4: Add SonicWall VSAs Manually


  1. Edit the Network Policy.

  2. Navigate to the Settings tab.

  3. Under Standard Settings, find and select Vendor-Specific.

  4. Click Add.

  5. Configure SonicWall Vendor-Specific Attributes:

  6. Click OK and apply changes.


Step 5: SonicWall RADIUS Configuration

Enable RADIUS Authentication


  1. Log in to the SonicWall firewall.

  2. Navigate to Users > Settings.

  3. Enable RADIUS Authentication.


Configure RADIUS Server


  1. Navigate to Users > RADIUS Servers.

  2. Click Add and configure:


Assign RADIUS to User Groups


  1. Navigate to Users > Local Groups.

  2. Add the RADIUS users to the required groups.


Enable RADIUS for Administrative Access


  1. Go to System > Administration.

  2. Under Authentication Method for Admins, select RADIUS + Local Users.

  3. Click Apply.


Step 6: SonicWall CLI Configuration (Similar to Cisco’s AAA Configuration)

config terminal
radius-server host 192.168.1.35 key radiuskey
radius-server timeout 5
radius-server retransmit 3
radius-server authentication 1812
radius-server accounting 1813
exit

AAA Authentication and Authorization

config terminal
aaa authentication login default radius local
aaa authorization exec default radius local
exit

Enable RADIUS for SSH Access

config terminal
line vty 0 4
login authentication default
authorization exec default
transport input ssh
exit

Conclusion

This guide provides a comprehensive step-by-step configuration of NPS for SonicWall firewall integration. Ensure to test the setup in a lab environment before applying it to production. If you have any questions or require further clarifications, feel free to comment below.

Comments

MatchAnB Solution | Best IT solution

With over 25 Years of experience in IT infrastructure, Matchanb.in has a deep technical understanding and a proven ability to adapt to the ever-evolving technology landscape. Let us help you navigate the complexities of modern IT with expertise and confidence.

Opening Hours

Mon - Fri: 9am - 6pm IST
​​Saturday: 10am - 2pm IST
​Sunday: Closed

Address

D-84, Palm Greens, 
Nr. White field, Behind: Divya Bhashkar, Makarba Road, Makarba,

Ahmedabad -380051
Gujarat, India

  • Facebook
  • Instagram
  • LinkedIn
  • X
  • Whatsapp

Copyright © MatchAnb Solution

bottom of page