LDAP - User Manager connection Error



  • Hello everybody,

    I have a problem if I want to set up the domain controller on the PFsense under System / User / Manager / Authentication Servers. There I always get the error message:
    Could not connect to the LDAP server. Please check the LDAP configuration.

    I use port 389 - LDAP - TCP standard. The user and the configuration should be correct.
The problem I currently have is that if I run a port test on 389 from the "LAN" network, it succeeds. From source "Any" or "Localhost", that is from the firewall itself, I cannot reach it and get an error.

    Here seems to be the error. Firewall rules do not seem to be the problem on the DC. Can I guide the PFsense to reach the domain controller via LAN and not over itself?

    Best regards and best thanks!
    Harry


  • Netgate Administrator

    Is the LDAP server in the LAN subnet? If not does pfSense have a route to it?

    Can you ping it from pfSense using source 'any'?

pfSense will use the logically closest interface when trying to connect. Check the state table or run a packet capture to see what the connection attempt is using as the source.

    Steve



No, it is in another subnet in Azure that is connected with an IPSEC tunnel. We have a Phase 1 and Phase 2 IPSEC with the complete network subnets to each other.

    On Azure the local Subnets from pfsense: 10.10.10.0/24 - 10.10.30.0/24
    On PFsense the remote subnets from azure: 10.0.10.0/24 - 10.0.20.0/24

    LAN Subnet: 10.10.10.0/24
    DC Subnet: 10.0.10.0/24
pfSense: 10.10.10.2

No, from "Any" it is also not reachable.
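Steve's check (which source address pfSense picks, and whether it is covered by the tunnel) combined with the subnets Harry posted, as an added example that is not part of the thread. It assumes the Phase 2 entries are every local/remote pair of the listed subnets and uses a constructed DC address, 10.0.10.5, since the thread does not give one.

```python
"""Check whether a pfSense-originated connection falls inside an IPsec
Phase 2 selector. Traffic whose source is not in a local selector (for
example 127.0.0.1 or a WAN address) never enters the tunnel, which is the
failure mode seen with source "Any"/"Localhost" in the port test."""
import ipaddress
import socket

# Assumed Phase 2 selectors built from the subnets in the thread:
# local = pfSense side, remote = Azure side.
PHASE2_SELECTORS = [
    ("10.10.10.0/24", "10.0.10.0/24"),
    ("10.10.10.0/24", "10.0.20.0/24"),
    ("10.10.30.0/24", "10.0.10.0/24"),
    ("10.10.30.0/24", "10.0.20.0/24"),
]


def tunnel_selects(src, dst, selectors=PHASE2_SELECTORS):
    """Return the (local, remote) selector pair covering src -> dst, or None."""
    s = ipaddress.ip_address(src)
    d = ipaddress.ip_address(dst)
    for local, remote in selectors:
        if s in ipaddress.ip_network(local) and d in ipaddress.ip_network(remote):
            return (local, remote)
    return None


def diagnose(src, dst, port=389):
    """Human-readable verdict for one attempted source address."""
    hit = tunnel_selects(src, dst)
    if hit is None:
        return (f"{src} -> {dst}:{port} matches no Phase 2 selector; "
                f"bind the client to an address inside a local selector")
    return f"{src} -> {dst}:{port} is carried by Phase 2 {hit[0]} <-> {hit[1]}"


def ldap_tcp_probe(src, dst, port=389, timeout=3.0):
    """TCP connect to dst:port bound to an explicit source address, like the
    GUI port test with a chosen source. Returns True on a completed handshake."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        sock.settimeout(timeout)
        sock.bind((src, 0))  # force the source instead of the closest interface
        try:
            sock.connect((dst, port))
            return True
        except OSError:
            return False


if __name__ == "__main__":
    DC = "10.0.10.5"  # constructed domain controller address
    for candidate in ("10.10.10.2", "127.0.0.1"):
        print(diagnose(candidate, DC))
```

Run `ldap_tcp_probe("10.10.10.2", DC)` on the firewall itself to confirm the LAN-sourced path before changing the authentication server settings.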


  • Netgate Administrator



  • @stephenw10

Nice! Thanks man, that's exactly what solved my problem! 👍

