Forum Discussion
lkchen
Nimbostratus
Jul 08, 2015
remote authentication to host management
Largely due to PCI, I need to allow the necessary users to access the configuration utility of our 7200v, which is doing vCMP so there's no LTM, etc. on it.
The local auth control can't match ou...
lkchen
Nimbostratus
Jul 21, 2015
So, it seems to be the issue of which default gateway pam_ldap uses for authentication of management traffic. The docs are confusing, since at first it seems to suggest traffic flows across the management interface. But it then says the ldap server needs to be reachable from Domain 0.
Since the 7200v hosts are vCMP dedicated, there's no LTM/TMM side to configure.... so the only default route on it is the management one. And, auth works once the network was opened up to allow ldap auth to work on it. Hopefully networking won't shoot us for temporarily putting the 7200v's in their management network and poking holes and such in it.
So, this raised the question, why do the other F5 instances need to use their TMM default route to get to LDAP? Or why is there a default route at all?
So, as a test we deleted the default route from one of the instances, and what was working...continues to work.
Though GTM is on this instance, and it's now trying to do zone transfers from the management IP....which is not the IP that is permitted (both by firewall and bind config). But, not really sure any of the GTM stuff works anyways.... contractor that had been working on it is gone...perhaps we just need to start over.
But, are there any issues in not having a default route on the TMM side?
We (normally) have wildcard forwarders set on it for vlan to vlan routing, along with auto last hop....the LTM side should be fine, afaict....
