cancelar
Mostrando los resultados de 
Buscar en lugar de 
Quiere decir: 
cancel
187
Visitas
1
ÚTIL
5
Respuestas

Cisco 9800 WLC and LDAP communication failure

Nirqa suport
Level 1
Level 1

Good afternoon or evening everyone, I have a problem to integrate a cisco 9800 wlc with LDAP.
In the cisco WLC I have configured the LDAP profile and it has been associated with an SSID.

During the authentication tests with a user it was detected that when the cisco wlc makes a bind request to the LDAP it does not accept it because it considers it an unsecured connection.

ip of the WLC : 10.159.72.2 ip of the ldap : 10.190.128.4
The tests were performed using port 389 on the wlc side.

A simulation has also been performed with a laptop by installing a program so that it can make a bind request to the ldap, but in this simulation the LDAP does allow the laptop to complete this bind request.

 

Nirqasuport_3-1732896129274.png

test from the laptop to the ldap

 

 

 

Nirqasuport_0-1732895939428.pngNirqasuport_1-1732895966508.png

Attached two images of the packet capture made from wlc.

for the configuration we have used this link

https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/216744-configuring-catalyst-9800-wlc-with-ldap.html#toc-hId--1085503207

 

 

5 RESPUESTAS 5

@Nirqa suport 

 Are you using secure mode?

 

 

Hi Flavio

We have tried testing with port 636 and installing a trusted certificate for the ldap, but the TCP session is not established.
A reset of the tcp session is received from the LDAP.
The client indicates that part of the firewall the path is clear to the LDAP.
In addition, the client tells us that they are always using port 389 for LDAP communications.

I asked because on the wireshark log you shared, we can see the information about TLS. 

from same link you share 
did you enable secure mode 

Screenshot (204).png

Hello @Nirqa suport 

AFAIK windows server does not allow anonymus authentication.

What versión of windows server are you running?

Espero que la información haya sido útil y si no tienes más preguntas recuerda cerrar el topic, seleccionando la respuesta como "Respuesta correcta"
**Please rate the answer if this information was useful***
**Por favor si la información fue util marca esta respuesta como correcta**