One node not allowing AD logons

Question

We have 2 BIG-IP LTM's running in a HA.&nbsp;
Both seem to be working fine but the one node will not allow me to logon with my Domain credentials.&nbsp;
Both nodes are configured the same and I can logon to the troublesome node with a local account.&nbsp;
I have gone through the configurations on both and they are identical.&nbsp;
Anyone seen this problem before and have any idea what I could look at to fix the problem?&nbsp;

youssef1 · Answer

Hello,&nbsp;
Can you please check your Fw rules to validate that flow between our Device and you AD is open.
Additional you can check that a ldap query is done when you attempt to connect with your ad credentials.
Connect to your device (in cli with your root credentials) and enter the following command:&nbsp;
tcpdump -nni 0.0 host 'AD IP'&nbsp;
If configuration is the same in both device (cluster), ldap query follow the routing table so go through the same interface (you have to open FW rule from selfIF of both memebers).
keep me update about this check.
Regards,&nbsp;

Forum Discussion

One node not allowing AD logons

1 Reply

Recent Discussions

MAC address not showing up in LLDP packet

F5Access | MacOS Sonoma

Active- Active HA setup

syslog server connection

Cannot see floating MAC address outside of ESXi

Related Content

allow one url from blocks geolocation

ASM - Adding Allowed URL's via CLI in 2023

Run Advanced Containers like OPSWAT Content Scrubbing Directly On F5 Distributed Cloud Nodes

Single Node Persistence

F5 Active Standby Node Configuration