We use LDAP for auth and it has been working fine for years. I moved our LDAP server to be across a tunnel between 2 cisco applicances (pix/asa), and everything can talk to the LDAP server *except* the device originating the tunnel. I am trying to ...