jprine
Explorer

LDAP error fetching branches

I am working with a 3000 Appliance, R80.30.

When I try to connect to the VPN, I do not receive an office mode IP.

I am using a Duo Authentication Proxy. The Duo Authentication Proxy gets a successful login from the DC, but the VPN connection fails because Office Mode is refused.

Looking at the LDAP Account Unit Properties, the server is set to the Duo Authentication Proxy server, which is domain joined. When I try to Fetch Branches I receive the error "Failed to connect to LDAP Server. Please ensure that the administrator's credentials are correct and try again."

The account used to connect is a domain user and a member of the VPN user group.

Does the LDAP Account Unit have to be a DC, or can it be the Authentication Proxy server?

 

0 Kudos
3 Replies
PhoneBoy
Admin

I don’t believe we’ve tested with the Duo Authentication Proxy.
You might try troubleshooting with ldapsearch as described here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos
Vincent_Bacher
Advisor

In addition to this, I would use unencrypted LDAP if possible and perform a tcpdump on the gw to analyse the LDAP requests in Wireshark.

and now to something completely different
0 Kudos
the_rock
Advisor

Is this a cloud mgmt server? If it is, this is normal and you would need to do it manually. If it's a regular mgmt server, then I would definitely check basic connectivity, though that error seems somewhat generic to me.

0 Kudos