Gaurav_Pandya
Advisor

Firewall is doing ldap query even if identity awareness is disabled

Hi,

We are getting unnecessary LDAP queries to the DC from the firewall even though we have not enabled Identity Awareness on that firewall. The LDAP queries are initiated from the firewall and pass through an implied rule.

Is there any setting through which we can stop these queries?

9 Replies
the_rock
Leader

Can you share a screenshot of one of those examples?

PhoneBoy
Admin

LDAP has been supported by the gateway long before Identity Awareness was a thing.
Legacy authentication schemes (including with Remote Access) can use it.

Gaurav_Pandya
Advisor

Thanks PhoneBoy.

Is there any way we can stop these queries?

Wolfgang
Leader

Delete your LDAP account unit if you are not using it.

Wolfgang

PhoneBoy
Admin

Depends on what is responsible for it.
What precisely is this gateway used for and enforcing access to?
What blades are active?
Maybe check if pdpd and pepd are running on these gateways?

Gaurav_Pandya
Advisor

We cannot delete the LDAP account unit as other firewalls are using it. This firewall is for access control only. No other blades are active.
Gaurav_Pandya
Advisor

Capture2.JPG
PhoneBoy
Admin

Even the firewall can use LDAP if there are legacy User Auth rules.
Regardless, I recommend engaging with the TAC.

the_rock
Leader

@PhoneBoy made a good point, Gaurav. Can you confirm whether pdp and/or pep are running on this gateway? Try ps -auxw | grep pep (or pdp) and see what shows up. You can even type top from expert mode and see what you get.
