Forum Discussion

Abhash_way_1901
Aug 13, 2015

LDAP Monitor issue

Hello everyone,

We have a virtual server configured on the F5 with both VS and pool members listening on port 14389 (non-SSL) and 24389 (SSL) respectively. The LDAP monitor for port 14389 works fine, but the one for 24389 is failing. Is there a way to check why it's failing? We are able to connect fine to the servers directly.

Thank you, -Abhash

2 Replies

  • What is your monitor accomplishing for the 24389 port? Assuming we have access to the port, I'd run Wireshark on the LDAP server and SSL-decrypt the traffic between LTM and the LDAP server. https://support.f5.com/kb/en-us/solutions/public/9000/300/sol9311.html provides a basic overview of our LDAP monitors, but at the bottom of the SOL are further references for LDAP/S monitors and potential issues when using TLS. The Wireshark capture will show you the bind success/failure if it even gets that far. From there you should be able to see what's up.
  • In the monitor -> security, "none" is what is likely causing the problem. If you set it to security "ssl", 14389 will start failing and 24389 will start working.

    I ended up having to create two monitors.
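
The two-monitor arrangement described in the replies above, written out as tmsh commands. This is an added example, not configuration posted in the thread. The monitor names, the pool names and the assumption of one pool per port are hypothetical.

```tmsh
# Added example. Hypothetical names: ldap_plain_14389, ldaps_ssl_24389,
# pool_ldap_14389, pool_ldaps_24389. One pool per listener port is assumed.

# Monitor for the non-SSL listener (14389): plain LDAP, no transport security.
create ltm monitor ldap ldap_plain_14389 defaults-from ldap security none

# Monitor for the SSL listener (24389): the same LDAP check carried over SSL.
# "debug yes" turns on the monitor's troubleshooting log while the failure
# is being investigated; set it back to "no" once the monitor is healthy.
create ltm monitor ldap ldaps_ssl_24389 defaults-from ldap security ssl debug yes

# Attach each monitor to the pool whose members listen on the matching port.
# Applying the "security none" monitor to the 24389 members (or the
# "security ssl" monitor to the 14389 members) marks them down, which is
# the symptom described in the original post.
modify ltm pool pool_ldap_14389 monitor ldap_plain_14389
modify ltm pool pool_ldaps_24389 monitor ldaps_ssl_24389

# Check per-member monitor status after the change.
show ltm pool pool_ldap_14389 members
show ltm pool pool_ldaps_24389 members
```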