topic ACS 4.0 in Network Access Control

ACS 4.0

guillaume.chartrand — Sun, 10 Mar 2019 21:36:33 GMT

I try to establish a link to an external database by LDAP SSL

I put all information in the common LDAP configuration, I set the port to 636, Checkmark are on LDAPv3 and Use SecureAuthentification

I put the path of my .db file

But when I try to map ACS group to LDAP group, I've got an error the LDAP cannot be reach.

I sniff all packet on my ACS 4.0 server and nothing seems to be pass with the port 389 or 636

If I keep the 636 port on and uncheck the Use SecureAuthentification, I sniff my network and now I see all the packet try to contact my LDAP server.

So what I do wrong? Someone try this and work fine?

Thank

Re: ACS 4.0

thomas.chen — Mon, 05 Jun 2006 15:55:26 GMT

LDAP uses the port 389 and LDAPS uses 636. Make sure your LDAP server is listening to the correct port.

if you are using SSL, also make sure that the SSL port (TCP/443) is not blocked by any device in between.

Re: ACS 4.0

guillaume.chartrand — Mon, 05 Jun 2006 18:41:50 GMT

Yes my LDAP server listen the port 636 or 443 and also 389.

If I try to put any Trusted Root CA, when I capture my packet, I see something on port 636. But if I put a cert7.db on the local Path of my ACS server, it send anything, like if he can't read my cert7.db.

I have another question, the .db file is it the only extension that the server can read. Because when I export my certificate from Console One in Novell 6.5, I have only two choice, a .per file or .b64

So what can I do to transform this file in a .db file.