Products
- Network Security
  - Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
  - Security ServicesComprehensive security for your network security solution
  - Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
  - Capture ATPMulti-engine advanced threat detection
  - Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
  - Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
  - Secure Mobile AccessRemote, best-in-class, secure access
  - Wireless Access PointsEasy to manage, fast and secure Wi-FI
  - SwitchesHigh-speed network switching for business connectivity
- Email Security
  - Email SecurityProtect against today’s advanced email threats
- Cloud Security
  - Cloud App SecurityVisibility and security for Cloud Apps
  - Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
  - Capture ClientStop advanced threats and rollback the damage caused by malware
  - Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
  - Product Menu Right Image
  - Capture Cloud Platform
    Capture Cloud Platform
    A security ecosystem to harness the power of the cloud
- Button Widgets
  - Products A-Z
    all products A–Z FREE TRIALS
Solutions
- Industries
- Use Cases
- Solutions Widgets
  - Solutions Content Widgets
    Federal
    Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
  - Solutions Image Widgets
Partners
- SonicWall Partners
- Partner Resources
- Partner Widgets
  - Custom HTML : Partners Content WIdgets
    Partner Portal
    Access to deal registration, MDF, sales and marketing tools, training and more
  - Partners Image Widgets
Support
- Support
- Resources
- Capture Labs
- Support Widget
  - Custom HTML : Support Content WIdgets
    Support Portal
    Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
  - Support Image Widgets
COMPANY
PROMOTIONS
- SonicWall Promotions
- Customer Loyalty Program
MANAGED SERVICES
Contact Sales

English English en

Configuring L2TP authentication protocols to use LDAP instead of RADIUS for iOS (iPad/iPhone/iPod t

03/26/2020 25 People found this article helpful 46,197 Views

Description

Configuring L2TP authentication protocols to use LDAP instead of RADIUS for iOS (iPad/iPhone/iPod touch) connections

Resolution

Overview:

iOS devices accept the first supported authentication protocol proposed by the server. The default preferred authentication protocol order in SonicOS (prior to 5.8.0.8 and 5.8.1.1) is CHAP, PAP, MS-CHAP, and then MS-CHAPv2. In 5.8.0.8 and 5.8.1.1 the order has been changed to MS-CHAPv2, CHAP, MS-CHAP, and then PAP. This combined with the iOS behavior of accepting the first supported authentication protocol will require RADIUS authentication because Active Directory does not support CHAP, MS-CHAP, or MS-CHAPv2.
To force L2TP connections from iOS devices to use LDAP instead of RADIUS, follow the steps outlined below.

Procedure:

Log into the SonicWall security appliance using your admin credentials.
Navigate to VPN > L2TP Server. Click Configure.
Click on the PPP tab. Ensure that "PAP" is moved to the top of the list. Click OK.

Notes:

Upgrades from previous firmware versions will retain the original ordering. The new ordering is set on new installations only.
Authentication protocols can also be changed for use with RADIUS

�

Related Articles

Categories

Not Finding Your Answers?

ASK THE COMMUNITY

Was This Article Helpful?

Stay In Touch