Forum Discussion

Algebraic_Mirror
Jan 31, 2018

Can APM ActiveDirectory AAA server use port 636, or StartTLS on 389?

I've noticed that when I set up management/administration of an F5, I can allow remote Active Directory users to log in, and I can select whether they use port 389 (cleartext LDAP), port 636 (LDAP with SSL encryption), or port 389 with StartTLS (LDAP with TLS encryption).

When it comes to APM though, I don't see that option when configuring an Active Directory AAA server. When I take network captures, I see port 389 being used for the AD Query objects in my VPE. Now I'm not an expert in the LDAP protocol, and maybe within port 389 APM is using the StartTLS command (does anyone know if that is the case?), but if not, does anyone know how to set up the ActiveDirectory AAA server in APM to use encryption when communicating with Active Directory?

Note: When it comes to encryption I would prefer port 389 with the StartTLS command, since TLS is more secure than SSL on port 636. But either would be preferable to 389 plaintext.

F5 Version: 12.1.2
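The poster is looking at a port 389 capture and asking whether the bytes are StartTLS or cleartext. The three cases look very different on the wire, and the following is an added example (not F5 code, not the poster's capture, and not a description of what APM 12.1.2 does) of how to tell them apart by decoding the client-to-server PDUs. StartTLS on 389 begins with a cleartext LDAP ExtendedRequest whose requestName is the OID 1.3.6.1.4.1.1466.20037, followed by a TLS ClientHello (first byte 0x16); LDAPS on 636 is TLS from the first byte; a cleartext AD bind is a BindRequest (tag 0x60) whose simple-authentication field carries the password as an OCTET STRING. The sample DN, password and TLS record bytes below are constructed, and the script assumes each TCP payload holds exactly one PDU and decodes only the BER subset those PDUs need (definite lengths):

```python
"""Classify captured LDAP PDUs: cleartext simple bind vs StartTLS vs TLS-from-the-start.

Added example for this thread (not F5 code and not the poster's capture). It assumes
a hypothetical capture in which each TCP payload holds exactly one LDAP PDU, and it
only decodes the BER subset those PDUs need (definite lengths, no indefinite form).
"""
from dataclasses import dataclass
from typing import List

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # StartTLS extended operation (RFC 4511)

# --- tiny BER encoder, used only to construct the sample PDUs below ---
def ber_len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag: int, value: bytes) -> bytes:
    return bytes([tag]) + ber_len(len(value)) + value

def ber_int(v: int) -> bytes:
    return tlv(0x02, v.to_bytes(max(1, (v.bit_length() + 8) // 8), "big", signed=True))

def ldap_message(msg_id: int, protocol_op: bytes) -> bytes:
    # LDAPMessage ::= SEQUENCE { messageID INTEGER, protocolOp CHOICE { ... } }
    return tlv(0x30, ber_int(msg_id) + protocol_op)

def simple_bind(msg_id: int, dn: bytes, password: bytes) -> bytes:
    # BindRequest ::= [APPLICATION 0] SEQUENCE { version INTEGER, name LDAPDN,
    #                  authentication CHOICE { simple [0] OCTET STRING, ... } }
    return ldap_message(msg_id, tlv(0x60, ber_int(3) + tlv(0x04, dn) + tlv(0x80, password)))

def starttls_request(msg_id: int) -> bytes:
    # ExtendedRequest ::= [APPLICATION 23] SEQUENCE { requestName [0] LDAPOID, ... }
    return ldap_message(msg_id, tlv(0x77, tlv(0x80, STARTTLS_OID)))

# --- decoder ---
def read_tlv(buf: bytes, pos: int):
    """Return (tag, value, next_pos) for the TLV starting at buf[pos]."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:                       # long-form length
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:
        length = first
    return tag, buf[pos:pos + length], pos + length

@dataclass
class Verdict:
    kind: str                # "tls", "starttls", "simple-bind", "sasl-bind", "extended", "other"
    detail: str
    leaks_credentials: bool  # True only when a password is on the wire in the clear

def classify_pdu(pdu: bytes) -> Verdict:
    # A TLS record starts with a content type (0x16 handshake / 0x17 app data) and version major 0x03.
    if len(pdu) >= 2 and pdu[0] in (0x16, 0x17) and pdu[1] == 0x03:
        return Verdict("tls", "TLS record; LDAP is encrypted from here on", False)
    tag, body, _ = read_tlv(pdu, 0)
    if tag != 0x30:
        return Verdict("other", f"outer tag 0x{tag:02x} is not an LDAPMessage", False)
    _, _, pos = read_tlv(body, 0)          # skip messageID
    op_tag, op, _ = read_tlv(body, pos)
    if op_tag == 0x77:                     # ExtendedRequest
        name_tag, name, _ = read_tlv(op, 0)
        if name_tag == 0x80 and name == STARTTLS_OID:
            return Verdict("starttls", "StartTLS ExtendedRequest; expect a TLS ClientHello next", False)
        return Verdict("extended", name.decode(errors="replace"), False)
    if op_tag == 0x60:                     # BindRequest
        _, _, pos = read_tlv(op, 0)        # version
        _, dn, pos = read_tlv(op, pos)     # name (DN)
        auth_tag, _, _ = read_tlv(op, pos)
        if auth_tag == 0x80:               # simple authentication: the password is this OCTET STRING
            return Verdict("simple-bind", f"cleartext simple bind as {dn.decode(errors='replace')}", True)
        return Verdict("sasl-bind", "SASL bind; exposure depends on the mechanism", False)
    return Verdict("other", f"protocolOp tag 0x{op_tag:02x}", False)

def session_leaks_credentials(pdus: List[bytes]) -> bool:
    """True if a cleartext simple bind is sent before the session switches to TLS."""
    for pdu in pdus:
        v = classify_pdu(pdu)
        if v.kind in ("tls", "starttls"):
            return False
        if v.leaks_credentials:
            return True
    return False

if __name__ == "__main__":
    # Constructed sample sessions (not real captures): DN, password and TLS bytes are made up.
    dn, pw = b"CN=apm-svc,OU=Service,DC=example,DC=com", b"S3cret!"
    fake_client_hello = b"\x16\x03\x01\x00\x05hello"
    sessions = {
        "cleartext 389": [simple_bind(1, dn, pw)],
        "StartTLS 389": [starttls_request(1), fake_client_hello],
        "LDAPS 636": [fake_client_hello],
    }
    for name, session in sessions.items():
        kinds = [classify_pdu(p).kind for p in session]
        print(f"{name:14s} {kinds} leaks credentials: {session_leaks_credentials(session)}")
```

The check only looks at client-to-server PDUs and treats a StartTLS request as success; a stricter version would also require the server's ExtendedResponse to carry resultCode 0 before trusting the switch, since a server that rejects StartTLS leaves the following bind in the clear. The same classification applies to the AD Query objects mentioned in the question: if the capture on 389 shows a BindRequest with a [0] OCTET STRING authentication field and readable search filters, the traffic is cleartext; if it shows the StartTLS OID followed by a 0x16 0x03 record, it is StartTLS.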