Currently I have an ASA5510 which is doing LDAP authentication for remote access VPN users.
The authenticating server is locally on a port on the ASA.
I would like to have a backup, but the server is currently at a remote office, but that office has a site to site tunnel built to the ASA.
Will the ASA be able to use that remote AD server?
I am unsure if the ASA itself can talk directly to a host over a VPN tunnel, or if it has to be host to host.
aaa-server LDAP (outside) host x.x.x.x
But x.x.x.x would not be an actual public, just a host over a vpn tunnel.
Would it depend on what interface the ASA sources the request from? Can that be altered?