Netgate Discussion Forum

    LDAP - User Manager connection Error

    General pfSense Questions
    • genesis_mp

      Hello everybody,

      I have a problem when I try to set up the domain controller on the pfSense under System / User / Manager / Authentication Servers. There I always get the error message:
      Could not connect to the LDAP server. Please check the LDAP configuration.

      I use port 389 - LDAP - TCP standard. The user and the configuration should be correct.
      The problem that I currently have is that if I run a port test on 389 from the "LAN" network, it succeeds. From source "Any" or "Localhost", so from the firewall itself, I cannot reach it and I get an error.

      This seems to be where the error is. Firewall rules do not seem to be the problem on the DC. Can I guide the pfSense to reach the domain controller via LAN and not over itself?

      Best regards and many thanks!
      Harry

      • stephenw10 Netgate Administrator

        Is the LDAP server in the LAN subnet? If not, does pfSense have a route to it?

        Can you ping it from pfSense using source 'any'?

        pfSense will use the logically closest interface when trying to connect. Check the state table or run a packet capture to see what the connection attempt is using as the source.

        Steve

        • genesis_mp

          No, it is in another subnet in Azure that is connected via an IPsec tunnel. We have a Phase 1 and Phase 2 IPsec with the complete network subnets to each other.

          On Azure, the local subnets from pfSense: 10.10.10.0/24 - 10.10.30.0/24
          On pfSense, the remote subnets from Azure: 10.0.10.0/24 - 10.0.20.0/24

          LAN Subnet: 10.10.10.0/24
          DC Subnet: 10.0.10.0/24
          pfSense: 10.10.10.2

          No, from "Any" it is also not reachable.

          • stephenw10 Netgate Administrator

            Ah, it's because of this:
            https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/accessing-firewall-services-over-ipsec-vpns.html

            Steve
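
The source-address question raised in this thread, as an added example (not part of the thread and not Netgate's code): a policy-based IPsec tunnel only carries packets whose source and destination both fall inside a Phase 2 local/remote pair, so this checks candidate source addresses against the subnets quoted above. The DC host address, the LAN client and the 203.0.113.10 WAN address are constructed, and treating each quoted range as its two end networks is an assumption.

```python
import ipaddress

# Phase 2 networks quoted in the thread. Assumption: each quoted range is
# taken as its two end networks, and every local/remote pair has a Phase 2.
LOCAL_NETS = ["10.10.10.0/24", "10.10.30.0/24"]   # pfSense side
REMOTE_NETS = ["10.0.10.0/24", "10.0.20.0/24"]    # Azure side


def classify(src, dst, local_nets=LOCAL_NETS, remote_nets=REMOTE_NETS):
    """Say whether a src -> dst packet is covered by a Phase 2 selector.

    Returns "tunnel", "source-outside-local" or "destination-outside-remote".
    """
    s = ipaddress.ip_address(src)
    d = ipaddress.ip_address(dst)
    src_ok = any(s in ipaddress.ip_network(n) for n in local_nets)
    dst_ok = any(d in ipaddress.ip_network(n) for n in remote_nets)
    if not dst_ok:
        return "destination-outside-remote"
    if not src_ok:
        return "source-outside-local"
    return "tunnel"


# Constructed sample flows to LDAP (TCP 389) on a DC at 10.0.10.4.
# Only the subnets and 10.10.10.2 come from the thread; the DC host address,
# the LAN client and the WAN address (documentation range) are made up.
DC = "10.0.10.4"
FLOWS = [
    ("LAN client", "10.10.10.50", DC),
    ("firewall, LAN address as source", "10.10.10.2", DC),
    ("firewall, WAN address as source", "203.0.113.10", DC),
]


def report(flows=FLOWS):
    """Return one (label, src, verdict) row per flow."""
    return [(label, src, classify(src, dst)) for label, src, dst in flows]


if __name__ == "__main__":
    for label, src, verdict in report():
        print(f"{label:34} {src:14} -> {DC}:389  {verdict}")
```

Feed `classify` the source address seen in the state table or packet capture to tell whether the LDAP connection attempt can match the tunnel at all.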

            • genesis_mp
              @stephenw10

              Nice! Thanks man, that exactly solved my problem! 👍

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.