Справочник Пользователя для SonicWALL 5.8.1

This change in default authentication protocol order, combined with the iOS behavior of 
accepting the first supported authentication protocol will default to SonicOS and iOS devices 
using RADIUS authentication (because Active Directory does not support CHAP, MS-CHAP, or 
MS-CHAPv2).

To force L2TP connections from iOS devices to use LDAP instead of RADIUS, follow the steps 
outlined below.

Navigate to the VPN > L2TP Server page. 

Click Configure.

Click on the PPP tab. 

Ensure that PAP is moved to the top of the list. 

Click OK.

The order of authentication protocols can also be changed to force L2TP connections from 
iOS devices to use RADIUS by moving PAP to the bottom of the list.

Configuring SSO is a process that includes installing and configuring the SonicWALL SSO 
Agent and/or the SonicWALL Terminal Services Agent (TSA), and configuring a SonicWALL 
security appliance running SonicOS Enhanced to use the SSO Agent or TSA. You can also 
configure SSO to use browser NTLM authentication with HTTP traffic, with or without the SSO 
Agent. For an introduction to SonicWALL SSO, see 

. 

The SonicOS SSO feature is capable of working in Virtual Machine environments, but is not 
officially supported. This is due to the variety of potential resource consuming environments 
of VM deployments, making it not practicable to effectively test and verify all possible 
permutations.