Forum Discussion
Thank you for sharing the information in the link.
But still, if we talk about only the LTM module being provisioned, does it allow me to add more than one LDAP server for redundancy? I need to know the answer for my requirement, else I would prefer TACACS+ as a remote user auth tool.
What are you talking about: authentication to the F5 device itself, or authentication of the client traffic when connecting to an F5 VIP?
For authentication of transit traffic to the F5 VS VIP servers, have you checked https://support.f5.com/csp/article/K15906 ? You seem to be able to add more than one server in the brackets.
ltm auth ldap ldap_config {
    search-base-dn ou=Users,dc=askf5,dc=pslab,dc=local
    servers { 172.24.171.1 }
}
Also, have you tested creating an LDAP VIP with a pool and maybe referencing the VIP IP address in the Auth profile, or for the F5 GUI in the system tab? You may also use priority groups to use just the first pool member if active:
https://support.f5.com/csp/article/K13525153
For the F5 GUI authentication with LDAP: