Several ways to bypass the SSO authentication
05/15/2023 1,220 People found this article helpful 460,652 Views
Description
Sometimes Single Sign On authentication is not necessary for the traffic from some particular users, especially from the non-user devices such as internal proxy web servers and IP phones. This article is to demonstrate the ways to bypass SSO authentication.
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
To bypass SSO authentication, you can follow the ways listed as below:
1) Create a dedicated access rule for the user/IP so that SSO authentication cannot be triggered
2) To Create an Access rule, Click on Policy in the top navigation menu
3) Navigate to Rules and Policies| Access rules, Select from LAN to WAN. LAN is selected here because the device that needed to be bypassed from SSO is located in the LAN zone.
4. Add SSO bypass Service/Address object under Users | Settings | Click CONFIGURE SSO | Enforcement tab.
If the client is a windows system, then you can try the methods below to bypass the SSO authentication as well:
5. Add User names used by Windows services under Users | Settings | Click CONFIGURE SSO | SSO Agents tab | General Settings tab.
6. Add Local User under Action | Windows Service Users in SonicWall Directory Connector Configuration Tool(SSO Agent).
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
To bypass SSO authentication, you can follow the ways listed as below:
1) Create a dedicated access rule for the user/IP so that SSO authentication cannot be triggered.
2) To Create an Access rule, Click on Manage in the top navigation menu
3) Navigate to Rules | Access rules, Select from LAN to WAN. LAN is selected here because the device that needed to be bypassed from SSO is located in the LAN zone.
4) Add SSO bypass Service/Address object under Users | Settings | Click CONFIGURE SSO | Enforcement tab.
If the client is a windows system, then you can try the methods below to bypass the SSO authentication as well:
5. Add User names used by Windows services under Users | Settings | Click CONFIGURE SSO | SSO Agents tab | General Settings tab.
6. Add Local User under Action | Windows Service Users in SonicWall Directory Connector Configuration Tool(SSO Agent).
Resolution for SonicOS 6.2 and Below
The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.
To bypass SSO authentication, you can follow the ways listed as below:
1. Create a dedicated access rule for the user/IP so that SSO authentication cannot be triggered.
2. Add SSO Service/Address bypass object under Users | Settings | Configure SSO | Enforcement tab.
If the client is a windows system, then you can try the methods below to bypass the SSO authentication as well:
3. Add User names used by Windows services under Users | Settings | Configure SSO | SSO Agents tab | General Settings tab.
4. Add Local User under Action | Windows Service Users in SonicWall Directory Connector Configuration Tool(SSO Agent).
Related Articles
Categories