Hi, I am having problems getting my WLC to connect to my LDAP (Active Directory).
I have 3 interfaces in the controller:
- Management (vlan709): 10.41.200.253
- lan (vlan 1): 22.214.171.124
- guest (vlan 708): 10.41.222.253
My LDAP server is: 126.96.36.199
The controller can ping the LDAP server, and the LDAP server can ping the WLC too.
When the controller tries to connect to the LDAP server, it returns this in the debug:
ldap_db.c:1038 Could not connect to LDAP server 1, reason: 1005 (LDAP bind failed).
*LDAP DB Task 1: Oct 29 15:11:16.924: %AAA-3-LDAP_CONNECT_SERVER_FAILED:
*LDAP DB Task 1: Oct 29 15:10:52.932: ldapInitAndBind  called lcapi_init (rc = 0 - Success)
*LDAP DB Task 1: Oct 29 15:10:54.932: ldapInitAndBind  configured Method Authenticated lcapi_bind (rc = 1005 - LDAP bind failed)
*LDAP DB Task 1: Oct 29 15:10:54.932: ldapClose  called lcapi_close (rc = 0 - Success)
*LDAP DB Task 1: Oct 29 15:10:54.933: LDAP server 1 changed state to IDLE
*LDAP DB Task 1: Oct 29 15:10:54.933: LDAP server 1 changed state to RETRY
*LDAP DB Task 1: Oct 29 15:10:54.933: LDAP_OPT_REFERRALS = -1
Could someone help me, please?
Per best practice, keep the LDAP server on the management VLAN or on a VLAN that is not part of a dynamic VLAN interface of the WLC.
Hello Saravanan, thanks for your reply.
But because of our environment, I cannot put it in the management VLAN. I need it to be on a separate VLAN. Will it not work well?
It is important to avoid configuring a dynamic interface in the same subnetwork as a server that has to be reachable by the controller CPU, for example a RADIUS server, as it might cause asymmetric routing issues.
Thanks for your reply.