02-21-2011 08:15 PM - edited 07-03-2021 07:51 PM
I know the WLC supports LDAP-based authentication.
Our environment requires integrating the WLC directly with LDAP and it needs to be secure.
Secure LDAP was supported in WLC, but I find that it has been removed from WLC based on the link below. I need to understand if secure LDAP is supported or if the link below is outdated.
http://www.cisco.com/en/US/products/ps6366/products_white_paper09186a0080b4cd24.shtml
02-21-2011 11:23 PM
No you cannot do secure LDAP.
I don't remember it being supported, so either it was a confusion with "authenticated" LDAP, which you can still do, or the option was there but the code behind it was not working (that's why it was removed).
I forgot the historical reason, but for sure now it's not supported and you can't even configure it.
Nicolas
02-22-2011 12:40 AM
Nicolas,
What you are mentioning is about the bind method, "Authenticated or Anonymous". Irrespective of the bind, the packet is plain text, and how do I ensure that it is encrypted?
Thinking about it, I thought of doing IPsec to the LDAP server, but the WLC would only support IPsec for RADIUS servers and not LDAP.
The link below says it was supported and that new releases stopped supporting it.
I searched how the other vendors do the same, and it seems Aruba does support secure LDAP.
Clearly a limitation of the product.
02-22-2011 01:15 AM
I know, that's why I said it was not to be confused with "authenticated".
Secure LDAP is better known as LDAP/SSL.
This is a limitation that is being worked on by the Business Unit.
The current alternative is to use a RADIUS server like ACS to interconnect an LDAP database with the WLC with all the security needed.