SAML Bypass List For G Suite and ULA rules

Description

"SAML Bypass List For G Suite" is an Address Group auto-generated by SonicOS when G Suite is the IDP provider for SAML. 

Depending on several factors (like the country from where the IDP was created, or the end-user OS) additional FQDN's might need to be manually created and added to this group in order to avoid issues during redirections to the login page. 

Resolution

#1 - The following FQDN address objects should be created in the WAN zone:

  • www.gstatic.com
  • fonts.gstatic.com
  • ssl.gstatic.com
  • accounts.google.fr (if the IDP was created from France) OR 
    accounts.google.es (if the IDP was created from Spain) OR 
    accounts.google.co.in (if the IDP was created from India) and so on

#2 - Go to OBJECTS/Match Objects/Addresses/Address Groups and edit the group named "SAML Bypass List For G Suite" and add the new FQDN objects created in step #1

   

 

Related Articles

  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • What are dynamic external objects/groups and how can we configure it?
    Read More
  • MacOS Captive Portal not redirecting to SAML login page
    Read More

Categories

Firewalls
NSa Series
Firewalls
NSsp Series
Firewalls
TZ Series
not finding your answers?
Ask the Community