Forum Discussion
Maneesh_72711
Feb 05, 2019 Cirrostratus
Why aren't you handling LDAP/S traffic just via the GTM instead of routing it to LTM?
We have had issues with the GTM/LTM combo and moved back to just GTM (DNS) load balancing. Every day we had queries from users about their A/C locks, as the underlying AD servers did not have visibility of the actual source IP due to SNAT (until you want to introduce XFF as well). If your setup is inline then you won't have issues.
Better to have just DNS-based load balancing, and you can restrict traffic via topology-based load balancing, which will resolve to just one DC based on LDNS queries.
The way you have configured 389, you can configure 636 and other ports in a similar way.