SonicOS 7.2 SAML Feature Guide
Table of Contents
Configuring the SAML Profile
In SAML Profile, the SAML IdP is associated with the SAML SP. The SAML profile acts as a container to bind the SAML IdP profile and SP profile. This allows the system to map services to their corresponding IdPs.
The SAML profile name is part of SPs entityID URL and Assertion Consumer Service (ACS) URL.
Ensure that you use the same SAML profile name that was used while exporting SP Metadata.
You can create multiple IdP-SP associations within SAML profile.
Example: An partner managing a SonicWall firewall for a client may configure their own IdP on the firewall for their management services. At the same time you can set up the client company's IdP to allow their employees to connect via SSL VPN.
To configure the SAML profile
-
Navigate to Device > Users > Settings > SAML CONFIGURATION.
-
Click the Configure button next to the SAML Profile.
-
In the SAML Profile dialog box, click + Add.
Set up the SAML Profile and associate each SonicWALL SP or service or use case such as SSL VPN login on SonicWall, to the appropriate Identity Provider (IdP).
-
Enter the following information.
-
In the Name field, enter the SAML Profile name that you set up in Exporting SP Metadata.
-
In the Select IdP field, select the identity provider.
-
In the Select SP field, select the service provider. When you select the service provider, Enable on this profile for HTTPS Management toggle becomes available.
-
Use a certificate to sign SP request: Protects the SP connections associated with the IdP, using your own certificate.
The certificate needs to be imported prior to configuring the SAML profile.
-
In the Select Certificatefield, select the certificate.
-
Enable Single Logout: Allows single logout.
-
Enable this profile for HTTPS Management: Configures the profile for HTTPS management.
-
Click Save.
At the top, a success message is displayed.
On the SAML Profile dialog box, the last entry displays the newly created SAML profile.
-
Click Close.