SonicWall

SonicWall TZ, NSa, and NSsp firewalls (with SonicWave access points or built-in wireless) authenticate WiFi clients against IronWiFi cloud RADIUS using WPA2-Enterprise (802.1X), with an optional external Lightweight Hotspot Messaging (LHM) captive portal for guest networks. RADIUS servers are configured under Users > Settings > Authentication, and the splash page is set per Guest Zone.

Prerequisites

In IronWiFi Console (complete these first):

Create a Network in IronWiFi Console
Create a Captive Portal with the appropriate vendor
Note your RADIUS settings and Splash Page URL

In SonicWall:

Administrative access to SonicWall device
Network connectivity to IronWiFi RADIUS servers

Device Configuration

Step 1: Access SonicWall Management Interface

SonicWall management interface login

Step 2: Configure RADIUS Server

Navigate to the RADIUS server settings and add the IronWiFi RADIUS server.

SonicWall RADIUS server configuration

RADIUS Settings

Configure your device with:

Setting	Value
Primary Server	`{Primary IP from IronWiFi}`
Auth Port	`{AUTH_PORT}`
Acct Port	`{ACCT_PORT}`
Shared Secret	`{Your shared secret}`

SonicWall RADIUS server IP and shared secret settings

Step 3: Configure Captive Portal

Set up the external captive portal with the IronWiFi splash page URL.

SonicWall captive portal configuration

Captive Portal

Enable external captive portal
Set splash page URL from IronWiFi
Configure walled garden to include
```
107.178.250.42
```

SonicWall external captive portal URL settings

Walled Garden

Add these entries for pre-authentication access:

Required for IronWiFi:

```
107.178.250.42
```
(IronWiFi splash page)
DNS servers

SonicWall walled garden allowed addresses

Authentication Provider Domains:

If using social login providers, add the following domains to your walled garden:

Provider	Required Entries
Google	`.google.com` , `.googleapis.com` , `*.gstatic.com` , `accounts.google.com`
Facebook	`.facebook.com` , `.fbcdn.net` , `connect.facebook.net` , `facebook.com`
Twitter	`.twitter.com` , `.twimg.com` , `twitter.com`
LinkedIn	`.linkedin.com` , `.licdn.com`
Microsoft	`.microsoft.com` , `.microsoftonline.com` , `*.live.com` , `login.live.com`

WPA-Enterprise

For 802.1X authentication:

Set security to WPA2-Enterprise
Configure RADIUS server details
Test with a known user

SonicWall WPA2-Enterprise wireless security settings

Troubleshooting

Issue	Possible Cause	Solution
Portal not appearing	Walled garden misconfigured	Check walled garden includes `107.178.250.42` and splash URL is correct
Authentication failing	RADIUS settings incorrect	Verify RADIUS IP, ports, and shared secret match IronWiFi Console
No internet after auth	Firewall or VLAN issue	Check firewall rules and VLAN settings

Getting Help

For device-specific questions:

Check manufacturer documentation
Contact IronWiFi support at support@ironwifi.com

Shared configuration

Was this page helpful?

Prerequisites​

In IronWiFi Console (complete these first):​

In SonicWall:​

Device Configuration​

Step 1: Access SonicWall Management Interface​

Step 2: Configure RADIUS Server​

RADIUS Settings​

Step 3: Configure Captive Portal​

Captive Portal​

Walled Garden​

WPA-Enterprise​

Troubleshooting​

Getting Help​

Related Topics​