Hello all: I am currently in a position where a “black box” solution that we utilize needs to access an LDAP host. The “black box” does not have the ability to make a secure request to an internal S-LDAP host, and this is where the problem lies. The kicker is that the black box solution lies within an unsecured network segment. I need to apply a solution where the transport layer is secured in order to traverse the firewalled segment. On the internal side, I have a secure LDAP cluster to answer these requests. The proxy host that I have available would be a FreeBSD kernel.

My first (and only) thought so far is to have an LDAP proxy server on the unsecured segment, in which it will rebuild the request into the S-LDAP (TLS/SSL) version and allow that host to request the data to our internal network. I am not exactly too happy with that solution though. What other type of solutions are out there, and is my first thought even possible?
-dp
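The relay idea raised in the post above, as an added example that is not part of the original post: a listener accepts plaintext LDAP from the black box and forwards the bytes unchanged over a certificate-verified TLS connection to the LDAPS port. The listen address, upstream host name and CA path are assumed placeholders.

```python
import asyncio
import ssl

# Assumed placeholders, not values from the post.
LISTEN = ("127.0.0.1", 3890)   # bind only the address the black box uses
UPSTREAM = ("ldaps.internal.example", 636)       # internal LDAPS cluster
CA_FILE = "/usr/local/etc/ssl/internal-ca.pem"   # CA that signed its cert

def upstream_tls_context(ca_file=None):
    """TLS client context that authenticates the internal LDAPS server."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Already the defaults; stated explicitly because a relay that skips
    # verification only encrypts to whoever answers on the far side.
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx

async def pipe(reader, writer):
    """Copy bytes one way until EOF or error, then close the write side."""
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
    except OSError:          # includes ssl.SSLError and connection resets
        pass
    finally:
        writer.close()

async def handle(client_r, client_w, upstream=UPSTREAM, ctx=None):
    """Open a verified TLS session upstream and relay LDAP PDUs unchanged."""
    ctx = ctx if ctx is not None else upstream_tls_context(CA_FILE)
    try:
        up_r, up_w = await asyncio.open_connection(
            upstream[0], upstream[1], ssl=ctx, server_hostname=upstream[0])
    except OSError:
        client_w.close()     # fail closed: never fall back to plaintext
        return
    await asyncio.gather(pipe(client_r, up_w), pipe(up_r, client_w))

async def main():
    server = await asyncio.start_server(handle, *LISTEN)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    asyncio.run(main())
```

The hop between the black box and the relay is still cleartext, so bind credentials remain readable on that link.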