Forum Discussion

Nimbostratus

Feb 23, 2011

AD DC's behind F5....

We have several applications that are antiquated and not AD aware. They authenticate against a specific DC rather than to AD as a whole. So, typical AD load balancing will not work and we prefer not to use DNS round-robin load balancing. Unfortunately we can not upgrade the aplications at this time either.

I would like to Load Balanace a couple of AD DC's behind an F5. I understand Microsft frowns on this, but was wondering what would need to be done on the F5 to make this happen.

I have seen others say they have done this in the past, but unfortunately they are not willing to share how they accomplished this.

Thanks,

Dave

config

design

11 Replies

dcasson_21085
Nimbostratus
May 16, 2011
For LDAP authentication you will need to use port 389 for standard authentication and 636 for secure authentication. Once these ports are opened you should be OK. Make sure you do NOT allow anonymous bind. Big security risk.

Forum Discussion

AD DC's behind F5....

11 Replies

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Disk space full - what files, folders are safe to delete?

Converting config to DO

Enterprise Security best practices with F5 WAF

Web acceleration

Related Content

DC failover test via GTM

F5 Distributed Cloud - Listener Logic

F5 Python SDK Overview

API Gateway Mapping - Gartner - F5

F5 Distributed Cloud Origin Server Subset Rules