Specify more than one LDAP server for Authentication Servers

shpokas · May 27, 2015, 8:59 AM

Hi,
is there a way to specify more than one LDAP server for authentication?
I have two redundant, but pfSense can take only one and if that is unreachable, users loose ability to login.
Attaching screenshot for reference.
Thanks, shpokas
![Screenshot 2015-05-27 09.56.22.png](/public/imported_attachments/1/Screenshot 2015-05-27 09.56.22.png)
![Screenshot 2015-05-27 09.56.22.png_thumb](/public/imported_attachments/1/Screenshot 2015-05-27 09.56.22.png_thumb)

doktornotor · May 27, 2015, 9:11 AM

No, definitely not with SSL enabled.

jimp · May 28, 2015, 8:06 PM

If the servers had the same cert and a DNS round-robin or LDAP proxy that did load balancing, perhaps.

If you're talking about for OpenVPN, just define the second LDAP server and ctrl-click both servers in the OpenVPN settings and it'll try one then the other.

That isn't a choice for GUI auth at the moment though.

shpokas · May 28, 2015, 8:11 PM

@jimp:

If the servers had the same cert and a DNS round-robin or LDAP proxy that did load balancing, perhaps.

Yes.

If you're talking about for OpenVPN, just define the second LDAP server and ctrl-click both servers in the OpenVPN settings and it'll try one then the other.

Yes, indeed. I thought that's not possible. Let me give a try.
Thanks!