• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Company · Blog · Newsletter · Events · Partner Program

Downloads      Support      Security     Admin Login
Rublon

Rublon

Secure Remote Access

  • Product
    • Regulatory Compliance
    • Use Cases
    • Rublon Reviews
    • Authentication Basics
    • What is MFA?
    • Importance of MFA
    • User Experience
    • Authentication Methods
    • Rublon Authenticator
    • Remembered Devices
    • Logs
    • Single Sign-On
    • Access Policies
    • Directory Sync
  • Solutions
    • MFA for Remote Desktop
    • MFA for Remote Access Software
    • MFA for Windows Logon
    • MFA for Linux
    • MFA for Active Directory
    • MFA for LDAP
    • MFA for RADIUS
    • MFA for SAML
    • MFA for RemoteApp
    • MFA for Workgroup Accounts
    • MFA for Entra ID
  • Customers
  • Industries
    • Financial Services
    • Investment Funds
    • Retail
    • Technology
    • Healthcare
    • Legal
    • Education
    • Government
  • Pricing
  • Docs
Contact Sales Free Trial

Multi-Factor Authentication (2FA/MFA) for SonicWall SSL VPN

Multi-Factor (MFA) and Two-Factor Authentication (2FA) for SonicWall SSL VPN

August 19, 2020 By Rublon Authors

Last updated on March 19, 2025

Overview of MFA for SonicWall SSL VPN

Multi-Factor Authentication (MFA) for SonicWall SSL VPN is an additional security measure that requires users to provide two accessibility credentials to gain access to SonicWall SSL VPN. The first factor requires the user to input their Active Directory/RADIUS username and password. After successfully completing the first factor, users will move on to the second authentication step which can include Mobile Push or Email Link. Once both of these factors are fulfilled, the user will gain access to the resource. Enabling Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA) for SonicWall SSL VPN stops hackers from gaining access to resources even if they possess the user’s login information.

Supported Authentication Methods

Authentication Method Supported Comments
Mobile Push ✔ N/A
WebAuthn/U2F Security Key – N/A
Passcode ✔ N/A
SMS Passcode – N/A
SMS Link ✔ N/A
Phone Call ✔ N/A
QR Code – N/A
Email Link ✔ N/A
YubiKey OTP Security Key ✔ N/A

Demo Video of MFA for SonicWall SSL VPN

Before you start

You need to install and configure Rublon Authentication Proxy itself before configuring SonicWall SSL VPN to work with it. Please read the Rublon Authentication Proxy documentation and follow the steps in the Installation and Configuration sections. Afterward, follow the Configuration section in this document.

Ensure that you have properly set up your authentication source, that is an external Identity Provider (IdP) like RADIUS, OpenLDAP, or Microsoft Active Directory.

Configuration of MFA for SonicWall SSL VPN

1. Log in to the SonicWall management GUI.

2. Click MANAGE in the top navigation menu.

3. Navigate to the left menu. Expand Users and select Settings. Afterwards, switch to the Authentication tab.

4. Set User Authentication Method to RADIUS.

5. Click CONFIGURE RADIUS on the right. Clicking the button opens the RADIUS Configuration window.

6. Click ADD… to add a new server. This opens the Add server window.

7. Enter the FQDN or IP address of the RADIUS server used for primary authentication.

8. Enter the RADIUS Secret set in Rublon Authentication Proxy as the Shared Secret in this window.

9. Click SAVE to add the new server.

10. While still in RADIUS Servers Settings, switch to General Settings.

11. Set RADIUS Server Timeout to 60 seconds.

12. Set Retries to 2.

13. Click APPLY to save these changes.

14. Select the RADIUS Users tab.

15. Set Default user group to which all RADIUS users belong to SSLVPN Services.

16. Click OK to save this change. Clicking OK closes the RADIUS Configuration window.

17. Navigate to the left menu. Extend SSL VPN and select Server Settings.

18. Make sure Use RADIUS in is unchecked in the RADIUS User Settings section. In case it’s checked, uncheck it, and click the ACCEPT button at the bottom of the site.

19. Your configuration is now finished. Users have Rublon 2FA enabled when logging in to your VPN.

Log in to SonicWall SSL VPN with Rublon 2FA enabled

This example portrays Rublon 2FA in NetExtender client using the Email Magic Link method.

1. Provide your login and password, and click Connect.

2. Check your mailbox for an email from Rublon. Open the email, and click Sign In.

3. You will be successfully logged in to the VPN.

Troubleshooting

Blast-RADIUS Vulnerability Protection

RADIUS integrations may enforce the validation of the Message-Authenticator RADIUS attribute as part of their mitigations for the Blast-RADIUS vulnerability.

The Rublon Authentication Proxy supports the Message-Authenticator attribute starting from version 3.5.3. The Rublon Auth Proxy uses the force_message_authenticator option in the configuration file (set to true by default) to safeguard against Blast-RADIUS attacks.

If you are experiencing issues with your RADIUS integration, ensure that the force_message_authenticator is set to true.

If you are using Rublon Authentication Proxy 3.5.2 or older, update to the newest available version.

Difficulties Connecting to the VPN

If you have difficulties connecting to your VPN or the second factor does not work, double-check you have specified e-mail addresses of Local Users in User Settings under Users → Local Users & Groups, and that the users belong to appropriate groups.

Sonicwall Global VPN: Difficulties Enabling LAN Access for VPN Users

If VPN users are unable to access specific LAN subnets, verify that you have configured the VPN Access settings for the appropriate user groups (or individual users) as described below.

For Local Groups:

  1. Go to VPN → Users → Local Groups.
  2. Click the configuration button for the group you want to grant VPN access to.
  3. Go to the VPN Access tab, scroll down to LAN Subnets, add the desired LAN network to the Access List, and click OK.

For Local Users:

  1. Go to VPN → Users → Local Users.
  2. Click the configuration button for the user you want to grant VPN access to.
  3. Go to the VPN Access tab, scroll down to LAN Subnets, add the LAN network to the Access List, and click OK.

If you encounter any issues with your Rublon integration, please contact Rublon Support.

Related Posts

Rublon Authentication Proxy

Rublon Authentication Proxy – Integrations

Filed Under: Documentation

Primary Sidebar

Contents

  • Overview of MFA for SonicWall SSL VPN
  • Supported Authentication Methods
  • Demo Video of MFA for SonicWall SSL VPN
  • Before you start
  • Configuration of MFA for SonicWall SSL VPN
  • Log in to SonicWall SSL VPN with Rublon 2FA enabled
  • Troubleshooting
    • Difficulties Connecting to the VPN
    • Sonicwall Global VPN: Difficulties Enabling LAN Access for VPN Users
  • Related Posts
Try Rublon for Free
Start your 30-day Rublon Trial to secure your employees using multi-factor authentication.
No Credit Card Required


Footer

Product

  • Regulatory Compliance
  • Use Cases
  • Rublon Reviews
  • Authentication Basics
  • What is MFA?
  • Importance of MFA
  • User Experience
  • Authentication Methods
  • Rublon Authenticator
  • Remembered Devices
  • Logs
  • Single Sign-On
  • Access Policies
  • Directory Sync

Solutions

  • MFA for Remote Desktop
  • MFA for Windows Logon
  • MFA for Remote Access Software
  • MFA for Linux
  • MFA for Active Directory
  • MFA for LDAP
  • MFA for RADIUS
  • MFA for SAML
  • MFA for RemoteApp
  • MFA for Workgroup Accounts
  • MFA for Entra ID

Industries

  • Financial Services
  • Investment Funds
  • Retail
  • Technology
  • Healthcare
  • Legal
  • Education
  • Government

Documentation

  • 2FA for Windows & RDP
  • 2FA for RDS
  • 2FA for RD Gateway
  • 2FA for RD Web Access
  • 2FA for SSH
  • 2FA for OpenVPN
  • 2FA for SonicWall VPN
  • 2FA for Cisco VPN
  • 2FA for Office 365

Support

  • Knowledge Base
  • FAQ
  • System Status

About

  • About Us
  • Blog
  • Events
  • Co-funded by the European Union
  • Contact Us

  • Facebook
  • GitHub
  • LinkedIn
  • Twitter
  • YouTube

© 2025 Rublon · Imprint · Legal & Privacy · Security

  • English