SonicWALL 5.8.1 Manuale Utente

User groups for legacy users with Internet access – Defines the user group that 
corresponds to the legacy ‘Allow Internet access (when access is restricted)’ privileges. 
When a user in this user group is authenticated, the remote SonicWALL is notified to give 
the user the relevant privileges.

The ‘Bypass filters’ and ‘Limited management capabilities’ privileges are returned based on 
membership to user groups named ‘Content Filtering Bypass’ and ‘Limited Administrators’ 
– these are not configurable.

Select the Test tab to test the configured LDAP settings:

The Test LDAP Settings page allows for the configured LDAP settings to be tested by 
attempting authentication with specified user and password credentials. Any user group 
memberships and/or framed IP address configured on the LDAP/AD server for the user will be 
displayed.

Some care must be taken when configuring devices running MacOS or Apple iOS (iPad/iPhone/
iPod touch) for L2TP connections using either LDAP or RADIUS. This is because iOS devices 
accept the first supported authentication protocol that is proposed by the server. In SonicOS, 
the default authentication protocol order was changed in SonicOS beginning in releases 5.8.0.8 
and 5.8.1.1. Here are the default authentication protocol orders:

Prior to 5.8.0.8 and 5.8.1.1: CHAP, PAP, MS-CHAP, MS-CHAPv2. 

5.8.0.8 and 5.8.1.1 and above: MS-CHAPv2, CHAP, MS-CHAP, PAP.

Upgrades from previous firmware versions will retain the original ordering. The new ordering 
is set on new installations only.