• Cloud Edge Secure Access
• Welcome to SonicWall Cloud Edge!
• Prerequisites
• Installation
  • Accessing the Client Management Console
  • Installation Methods
• Networks
  • Understanding Networks
  • SDP Networks
  • Regions and Gateways
    • Adding a region
    • Adding a gateway
  • Connecting Infrastructure
    • Prerequisites
    • Site-to-Site Connections
    • IPsec Tunnel
    • WireGuard Connector
    • Connect On-Prem Resources
      • Firewalls
        • SonicWall
    • Connect Cloud Resources
      • Amazon AWS
        • AWS Virtual Gateway
        • AWS Transit Gateway
      • Alibaba Cloud
      • Microsoft Azure
      • Google Cloud Platform
      • Heroku Enterprise
      • IBM Cloud
      • Docker
• Groups and Members
  • Members
    • Inviting Members
    • Password Requirements
    • Managing Roles
  • Groups
    • Managing Groups
    • Identity Provider Groups
  • Identity Providers (IdP)
    • Integrate Identity Providers
    • Azure AD
      • Azure Active Directory (SAML 2.0)
      • Azure Active Directory
    • Google Suite
      • Google Services
      • Google Apps (SAML 2.0)
    • On-Premises Active Directory
    • SAML 2.0
      • Generic SAML
      • Active Directory Federation Services (ADFS)
      • Auth0
      • Okta
      • OneLogin
      • PingIdentity
      • JumpCloud
• Securing the Platform
  • Securing Networks
    • Segmenting Networks
    • Device Posture Check
    • Network Traffic Control
    • Firewall-as-a-Service
  • Securing User Access
    • Multi-Factor Authentication
      • MFA Authentication
      • DUO Security
    • Agent-less Access
      • Zero Trust Application
        • HTTP/HTTPS
        • RDP (Remote Desktop Protocol)
        • SSH (Secure Shell)
        • VNC (Virtual Network Computing)
      • Zero Trust Policies and Rules
    • Agent-based Access
      • SonicWall Agents
        • Downloading and Installation
      • Agents Configuration
        • User-Groups Policies
        • Managing Configurations
        • General Configurations
        • Network Configuration
        • OS-Specific Configurations
• Monitoring
  • Activity Tracking
    • Activities and Logs
    • Member Devices
  • Monitoring Dashboard
  • Integrations
    • Amazon S3
    • Azure Sentinel
    • Splunk Cloud
• Compliance
  • HIPAA
  • GDPR
  • SOC 2 Type 2
• SonicWall Support
  • About This Document

PingOne for Enterprise

This article describes how to configure PingOne for Enterprise for use as an identity provider for SonicWall Cloud Edge.

• Configuring your PingOne for Enterprise account
• Configuring SonicWall Cloud Edge

Please follow the steps below:

To successfully integrate PingOne for Enterprise and SonicWall Cloud Edge, you must have admin access on both platforms.

Configuring your PingOne for Enterprise Account

1. Log in to your PingOne for Enterprise account.
2. On the upper toolbar in your PingOne for Enterprise screen select Applications. This takes you to the My Applications screen.

3. Click on SAML. Open the Add Application drop-down and select New SAML Application.

   

4. On the pop-up window, fill in the following details:

   • Application Name: SonicWall Cloud Edge
   • Application Description: SonicWall Cloud Edge SAML Connection
   • Category: Information Technology
   • Graphics: Add the SonicWall Cloud Edge Logo (Optional)

   

5. Click Continue to Next Step to proceed.
   
6. On the Application Configuration window click on I have the SAML configuration.
   

7. Fill in the following information:

   • Signing Certificate: PingOne Account Origination Certificate
   • Protocol Version: SAML v 2.0
   • Assertion Consumer Service (ACS): https://auth.sonicwalledge.com/login/callback?connection=tenantname-oc
   • Entity ID: urn:auth0:sonicwall-production:tenantname-oc

   : The tenantname should be changed to your SonicWall Cloud Edge tenant name.

   

8. Click Continue to Next Step to proceed. On the SSO Attribute Mapping window, you will need to map the following attributes: | Application Attribute | Identity Bridge Attribute or Literal Value |

   | -- | -- |
   | email| Email|
   | given_name| First Name|
   | family_name| Last Name|
   | groups| memberOf|

   

9. Click Continue to Next Step to proceed.

10. On the Group Access window select the user groups that should have access to the PingOne for Enterprise Login Page. To allow access to all users we recommend adding Users@Directory.

    

11. Click Continue to Next Step to proceed.

12. On the Review Setup window copy the "idpid "and click on the Download link next to Signing Certificate.

    

13. Click Save and Close.
    

14. On My Applications screen verify that the application is set to Enabled - Yes.

    

Configuring SonicWall Cloud Edge

You need to configure the integration from the SonicWall Cloud Edge side.

1. Log in to your SonicWall Cloud Edge Management Platform, and navigate to Settings and then Identity Providers.

2. Select + Add Provider.

   

3. Select SAML 2.0 Identity Cloud.
4. Fill in the Sign In URL with the following URL: https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid={{idpid}} (fill in the idpid from step 14).
5. Add your organization domains.

6. Paste the certification from the downloaded idp-signing.crt file (begin and end line included).

   

7. Select Save.

Access Error troubleshooting

If your users are getting access error after the configuration, please check these steps.