Is this LDAP traffic for load balancing or admin authentication? I'm assuming it's the former.
Neither. The purpose of the monitor is to intermittently send a request out of the management interface to the AD server to see if it is up and running. The F5s are not load balancing the LDAP traffic, nor are they using AD for admin authentication.
Are you sure it's not possible to allow monitor traffic via the switch ports?
Yes. We want no outside traffic from the F5 1.x interfaces to the switch ports.
If you're actually trying to route load balanced traffic out the management port, it's strongly discouraged.
We're not trying to do this. We would like to set up a monitor that would come out of the management interface that would check to see if the AD/LDAP server is available. It would not be tied to the load balanced traffic in any way.
Thanks for the replies!