HA Active Directory for F5 authentication

Question

I have two f5 Big-IP wit LTM module in HA. I have configured Admin authentication in BIG-IP through Remote Active Directory and It works properly.

The challenge is I have several synchronized AD servers and I would like to achieve HA in Big-IP authentication.

I have created a pool with my AD servers with a custom LDAP monitor and It seems that works because all members look up in the pool. I also created a virtual server that listen in port 389 and use the AD server pool as default pool. However, when I set the host value to virtual server IP in system-->users-->authentication, all authentication attempts fail.

Is required an special configuration in virtual server to make it work?

zamroni777 · Answer

make sure the both bigip control plane's and data plane's network routing are correct, including the firewall config between them, etc.,
so that bigip mgmt can reach the vs ip (which is in bigip's data plane).

mrodriguez · Answer

I've checked it. There is a route and traffic is allowed. In fact, If I launch a telnet from the big-ip through port 389, It connects:&nbsp;

Forum Discussion

HA Active Directory for F5 authentication

Recent Discussions

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Switch ssl profile based on weak cipher detection via IRULE

F5 Switches in 'Changes Pending' Status

Related Content

Remote User Authentication (e.g. F5 admins) using Azure Active Directory

Complete MFA solution with GA stored in Active Directory

Active Directory authentication for management GUI

rSeries and Active Directory authentication

Microsoft Active Directory Federation Services (AD FS) iApp Template

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS