10-21-2014 09:26 AM - edited 03-11-2019 09:58 PM
Hello
I have a (BP) that uses an application that needs to perform an LDAP query on my domain controller.
The BP is requesting the IP of our domain controller so they can NAT on their side.
What do I need to implement to accomplish this task?
10-21-2014 09:37 AM
The best way to do this is via LDAPS (LDAP over TLS/SSL on TCP port 636) as LDAP (TCP port 389) itself is not inherently secured.
Assuming you do not have a site-site VPN tunnel, you set up a static NAT in your edge firewall (or wherever you perform NAT from your private internal network to the public internet). You then create an access-list allowing incoming TCP/636 LDAPS requests from their source IP address.
If you use this approach they do not have to NAT specifically for this use case - they would address your server's public address which has been configured on your edge.
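A check one could run against the edge access-list after following the answer above, as an added example that is not part of the original thread: it flags rules that expose TCP/389 or permit a source wider than the partner's address. The ASA-style rule syntax, the ACL name and all addresses are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample rules (ASA-style syntax assumed). All addresses are
# documentation-range placeholders, not values from the thread.
PARTNER_IP = "198.51.100.20"
SAMPLE_ACL = """\
access-list OUTSIDE_IN extended permit tcp host 198.51.100.20 host 203.0.113.10 eq 636
access-list OUTSIDE_IN extended permit tcp any host 203.0.113.10 eq 636
access-list OUTSIDE_IN extended permit tcp host 198.51.100.20 host 203.0.113.10 eq 389
access-list OUTSIDE_IN extended permit tcp 198.51.100.0 255.255.255.0 host 203.0.113.10 eq ldaps
"""
PORT_NAMES = {"ldap": 389, "ldaps": 636}
WIDE = "source is wider than the partner's address"
CLEAR = "cleartext LDAP (TCP/389) exposed instead of LDAPS (TCP/636)"


def take_addr(tokens):
    """Consume one address spec: 'any', 'host IP', or 'IP MASK'."""
    if tokens[0] in ("any", "any4"):
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    return ipaddress.ip_network(tokens[0] + "/" + tokens[1]), tokens[2:]


def audit(acl_text, partner_ip):
    """Return [(rule, [findings])] for permit-tcp rules to port 389 or 636."""
    partner = ipaddress.ip_network(partner_ip + "/32")
    results = []
    for line in acl_text.splitlines():
        tok = line.split()
        if len(tok) < 9 or tok[0] != "access-list" or tok[2:5] != ["extended", "permit", "tcp"]:
            continue  # only the simple rule shape shown above is handled
        src, rest = take_addr(tok[5:])
        _dst, rest = take_addr(rest)
        if len(rest) != 2 or rest[0] != "eq":
            continue
        port = PORT_NAMES.get(rest[1], int(rest[1]) if rest[1].isdigit() else None)
        if port not in (389, 636):
            continue
        findings = [WIDE] if src != partner else []
        if port == 389:
            findings.append(CLEAR)
        results.append((line, findings))
    return results


if __name__ == "__main__":
    for rule, findings in audit(SAMPLE_ACL, PARTNER_IP):
        print("OK  " if not findings else "FLAG", rule, findings)
```

Only the first sample rule matches what the answer describes: TCP/636 from the partner's single source address.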