SonicWall - RADIUS integration
This document explains how to integrate TrustBuilder MFA with SonicWall through RADIUS.
Prerequisites
An administrator account for the SonicWall firewall admin portal
An administrator account for the TrustBuilder MFA admin portal
Allow UDP traffic on port 1812 from the SonicWall firewall to the TrustBuilder MFA RADIUS server
SonicWall firewall Radius Configuration
Navigate to Device > Users > Settings.
In User Authentication method, select Radius + Local Users.
Note: Local Users must also exist in the TrustBuilder user database. Otherwise, access will be denied.
Click on Configure Radius and specify the following settings:
Option | Description |
Host Name or IP Address | TrustBuilder provides two RADIUS server pools. Each pool load-balances the workload across several RADIUS servers located in different datacenters: |
Port | 1812 |
Shared Secret | Secret shared between SonicWall and the TrustBuilder Radius servers |
Confirm Shared Secret | Confirmation of the Shared Secret |
Click on Save.
Go to Radius Users and choose the “Default user group to which all Radius users belong”.
In this example, the local users belong to the SSLVPN Service user group, and they will be asked to complete TrustBuilder MFA through RADIUS when an SSL VPN connection is required.
TrustBuilder Radius Connector configuration
After logging in to the admin console, go to the Secure site tab > Connector.
Add a connector of type Radius Push.
Specify the following settings:
Option | Description |
IP Address | IP address of the public interface of your SonicWall |
Shared Secret | Secret shared between SonicWall and the TrustBuilder Radius servers |
Click on Add.
Any modification made to the TrustBuilder RADIUS connector is applied within the next 15 minutes.
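
What the Shared Secret entered in both tables above is used for, as an added example (not SonicWall or TrustBuilder code): a minimal RFC 2865 exchange in which the client accepts a reply only when both sides hold the same secret. The function names, user name, password and secret are constructed for illustration.

```python
import hashlib, hmac, os, struct

def attr(kind: int, value: bytes) -> bytes:
    """Encode one RADIUS attribute: type, length (incl. 2-byte header), value."""
    return struct.pack("!BB", kind, len(value) + 2) + value

def hide_password(password: bytes, secret: bytes, req_auth: bytes) -> bytes:
    """RFC 2865 5.2: XOR each 16-byte block with MD5(secret + previous block)."""
    blocks = max(1, -(-len(password) // 16))
    padded = password.ljust(16 * blocks, b"\x00")
    out, prev = b"", req_auth
    for i in range(0, len(padded), 16):
        mask = hashlib.md5(secret + prev).digest()
        prev = bytes(a ^ b for a, b in zip(padded[i:i + 16], mask))
        out += prev
    return out

def build_access_request(user: bytes, password: bytes, secret: bytes, ident: int = 1):
    """Client side (the firewall's role): Access-Request with Message-Authenticator."""
    req_auth = os.urandom(16)
    attrs = attr(1, user) + attr(2, hide_password(password, secret, req_auth))
    header = struct.pack("!BBH", 1, ident, 20 + len(attrs) + 18) + req_auth
    # Attribute 80 is HMAC-MD5 over the whole packet with its own value zeroed.
    mac = hmac.new(secret, header + attrs + attr(80, bytes(16)), hashlib.md5).digest()
    return header + attrs + attr(80, mac), req_auth

def build_reply(code: int, ident: int, req_auth: bytes, secret: bytes, attrs: bytes = b"") -> bytes:
    """Server side: Response Authenticator = MD5(code+id+len+req_auth+attrs+secret)."""
    head = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return head + hashlib.md5(head + req_auth + attrs + secret).digest() + attrs

def reply_is_authentic(reply: bytes, req_auth: bytes, secret: bytes) -> bool:
    """What the client checks before trusting an Access-Accept or Access-Reject."""
    if len(reply) < 20:
        return False
    length = struct.unpack("!H", reply[2:4])[0]
    if not 20 <= length <= len(reply):
        return False
    expected = hashlib.md5(reply[:4] + req_auth + reply[20:length] + secret).digest()
    return hmac.compare_digest(expected, reply[4:20])

if __name__ == "__main__":
    secret = b"constructed-shared-secret"  # constructed sample value
    request, req_auth = build_access_request(b"alice", b"constructed-pw", secret)
    accept = build_reply(2, request[1], req_auth, secret)  # 2 = Access-Accept
    print("same secret:     ", reply_is_authentic(accept, req_auth, secret))
    print("different secret:", reply_is_authentic(accept, req_auth, b"typo-in-secret"))
```

A reply that fails this check is discarded by a conforming client, so a secret mismatch between the two sides appears as an authentication timeout rather than an explicit error.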