I'm currently setting up a VPN for our enterprise users using SonicWall SSL VPN and the NetExtender client on Windows 10 (no mobiles devices).
The firewall is querying the Active Directory database for users in a specific group, which are authorized to use the VPN. When those users connect to the VPN using NetExtender, the domain used is "xxx.local" and It works fine.
But when a local user (created on the firewall itself) wants to login, using the "xxx.local" domain fails with bad credentials, which makes sense.
Therefore, what is the domain to be used for local users when connecting to the VPN using NetExtender? Is there a way to use both of those account types?
EDIT: here are the settings we have currently set up for the SSL VPN
Yes you can use both account type; please use LocalDomain for the domain, case sensitive.
Just found the answer: there is a group called "SSLVPN Services" in which you can add the local users, and even if the domain is set in the NetExtender client, they will connect using their local account. I also opened a case at the SonicWALL support for some other problems, and they told me about this issue that it was preferable to use LDAP accounts instead of mixed ones (local + LDAP).