NPS
Requirements
- Have a functional Active Directory
- Have NPS protected by IRONCHIP (NPS tutorial link)
- Have an MFA application created in the IRONCHIP platform (MFA tutorial link)
- Ironchip App downloaded
Configuration
The first step is to go to the left menu, and within “System configuration”, enter the “Authentication Servers” section.
Within this section, create a new configuration by clicking on “New”.-gif-1.png?width=673&height=351&name=imageedit_6_3504435586%20(1)-gif-1.png)
Select the “RADIUS (Username/Password)” type
-gif-1.png?width=681&height=551&name=imageedit_12_4402815371%20(1)-gif-1.png)
In this tab, enter the corresponding data for your RADIUS server.
- Descriptive name for this configuration.
- IP of your Radius server
- RADIUS shared secret
- Match RADIUS groups by: filter ID 11
- Time out at 60 seconds
-gif-2.png?width=676&height=663&name=imageedit_17_7824345472%20(1)-gif-2.png)
Once you have saved the changes, go to the “Security Administration” section, and create a new entry in the “Access Control” section.
-gif.png?width=685&height=423&name=imageedit_20_7036989324%20(1)-gif.png)
Fill in the fields just like in the image, except for the description, which can be personalized.
- Position: 1 enabled
- Description: xxxxxxx
- Action: Permit
- Direction: User
- From: Any
- To: Any
Save the changes.
Finally, create a RADIUS Server that points to the SonicWall IP.
-png-1.png?width=683&height=268&name=imageedit_33_8237614325%20(1)-png-1.png)
From now on, when you try to log in, select the generated service, enter your user credentials, and accept the Ironchip notification on your phone to enter.
SAML
Requirements
- Ironchip app downloaded
Configuration
The first step is to go to the left menu, and within “System configuration”, enter the “Authentication Servers” section.
-gif-1.gif?width=254&height=489&name=imageedit_2_7673541883%20(1)-gif-1.gif)
Within this section, create a new configuration by clicking on “New”.
%20(1)-gif-1.png?width=680&height=355&name=imageedit_6_3504435586%20(1)%20(1)-gif-1.png)
Select “SAML 2.0”
-gif-2.png?width=686&height=555&name=imageedit_43_2394418842%20(1)-gif-2.png)
Before continuing, go to the Ironchip identity platform, generate a new SAML type application, and download the metadata file.
With this file already downloaded, go back to SonicWall and upload it in the new configuration generated in SonicWall.
-gif-1.png?width=676&height=870&name=imageedit_51_8374042970%20(1)-gif-1.png)
Once imported, export the file that SonicWall has generated.
-gif-1.png?width=681&height=876&name=imageedit_53_3336702227%20(1)-gif-1.png)
Copy the content of that file, upload it to a public address, and paste the URL into the metadata URL section of the previously created SAML application.
-gif-1.png?width=611&height=801&name=imageedit_56_7501991870%20(1)-gif-1.png)
Add users to this service with the same username as SonicWall, and when authenticating, select the new generated authentication.
A new Ironchip tab will open in which you have to enter your username, and a notification will be sent to the APP.
