07-11-2018 08:10 PM
Configuration as below
1. Management interface with IP 192.168.1.2 (non-PA device as gateway)
2. Windows AD with IP 172.16.1.2 (PA device layer3 interface as gateway)
3. Subnets 192.168.1.0/24 and 172.16.1.0/24 cannot reach each other
With the correct LDAP config (LDAP IP, Port, Base DN, etc.), I go to "Device > User Identification > Group Mapping Settings > Group Include List". When I expand the AD Users and Computers list, it always shows failed to connect to the AD server.
After I change the management interface IP to the same subnet as the Windows AD, or set a route to allow communication between the 2 subnets, the problem is gone.
Is this a product restriction or did I miss something?
07-11-2018 11:19 PM
By default, the LDAP service is on the management interface. Go to Device, Setup, Services and change the default to an interface that can route to your AD network.
07-11-2018 11:36 PM
Thanks MickBall. Customizing the service route configuration solved the problem.