This Morning I upgraded our PSA5000-V from 9.0R2 to 9.0R3.2. But now, our LDAP with Port 636 isn't working anymore.
For server xx.xx.xx.xx at port 636
LDAP Server is unreachable. Check the server address, port, and connection type.
With unencrypted it works
For server xx.xx.xx.xx at port 389
LDAP server is reachable.
Do you have any solution? Many thanks in advance.
# Please start the TCP Dump on the VPN server and perform the "Test connection" on the LDAP auth instance page. Get the raw dump and check why the TCP / SSL handshake is being failed i.e. at which step or who sends the TCP RST.
# Which LDAP server is being used?
"LDAP Server is unreachable. Check the server address, port, and connection type" ---- https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB40396
# EC Curve issue with Windows server 2016 was resolved in 9.0R3, hence 9.0R3.2 should not have this issue.
Yes, I can! The traffic runs through the internal ports. An it has worked until the new upgrade.
Since you are talking about LDAP on port 636 i belive that you are talking about LADPS.
In the last update finally the LDPAS cipher suite follow what you configured under System > Configuration > Security > Outbound SSL Options
Can you check your Outbound SSL Options and see if the cipher suite proposed is right. Also a TCP Dump capture can easily point you if there is a SSL negotiation issue.