May 24, 2024

HA Active Directory for F5 authentication

I have two F5 BIG-IPs with the LTM module in HA. I have configured admin authentication on the BIG-IP through Remote Active Directory and it works properly.

The challenge is that I have several synchronized AD servers and I would like to achieve HA for BIG-IP authentication.

I have created a pool with my AD servers and a custom LDAP monitor, and it seems to work because all members show as up in the pool. I also created a virtual server that listens on port 389 and uses the AD server pool as its default pool. However, when I set the host value to the virtual server IP in System --> Users --> Authentication, all authentication attempts fail.

Is a special configuration required on the virtual server to make it work?
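The setup the question describes, written out as tmsh on the BIG-IP, as an added example that is not from the original post; the object names, IP addresses, DNs and the monitor account are assumptions, and the final commented line is a bash check that verifies an LDAP bind and search through the virtual server rather than only the TCP connect that telnet shows.

```tmsh
# Added example (not from the original post). Names, IPs, DNs and the password are assumptions.
# Active monitor: bind as a low-privilege account and run a base-scope search, so a DC that
# accepts TCP but cannot service LDAP binds is marked down instead of receiving auth traffic.
create ltm monitor ldap ad_ldap_mon {
    base "DC=example,DC=local"
    filter "(objectClass=*)"
    username "CN=svc_f5_monitor,OU=Service Accounts,DC=example,DC=local"
    password "REPLACE_ME"
    interval 10
    timeout 31
}

# Pool of the synchronized domain controllers on port 389, health-checked by the monitor above
create ltm pool ad_ldap_pool {
    members add {
        10.10.20.11:389 { }
        10.10.20.12:389 { }
    }
    monitor ad_ldap_mon
}

# Virtual server on 389 fronting the pool. SNAT automap rewrites the source to a self IP,
# so the DCs answer back through the BIG-IP instead of replying to the client address directly.
create ltm virtual ad_ldap_vs {
    destination 10.10.30.5:389
    ip-protocol tcp
    profiles add { tcp { } }
    pool ad_ldap_pool
    source-address-translation { type automap }
}

save sys config

# Then point System --> Users --> Authentication at 10.10.30.5 and confirm, from the BIG-IP
# itself, that a bind and search succeed through the virtual server (not just a TCP connect):
#   run util bash -c "ldapsearch -x -H ldap://10.10.30.5:389 \
#     -D 'CN=svc_f5_monitor,OU=Service Accounts,DC=example,DC=local' -w 'REPLACE_ME' \
#     -b 'DC=example,DC=local' -s base '(objectClass=*)'"
```

If the ldapsearch fails while telnet connects, the gap is at the LDAP layer (bind credentials, base DN or the DC behind the selected pool member), not at IP reachability.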

  • I've checked it. There is a route and traffic is allowed. In fact, if I launch a telnet from the BIG-IP to port 389, it connects:


  • Make sure both the BIG-IP's control plane and data plane network routing are correct, including the firewall config between them, etc.,
    so that the BIG-IP mgmt can reach the VS IP (which is in the BIG-IP's data plane).