[Date Prev][Date Next] [Chronological] [Thread] [Top]

Ldap server Behind Firewall

To: openldap-technical@openldap.org
Subject: Ldap server Behind Firewall
From: Hugo Deprez <hugo.deprez@gmail.com>
Date: Mon, 17 Dec 2012 14:21:02 +0100
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=jxpHkaomwjUyJSJb6bjw+AzUsbVfJm9KxGzEkUnR5JQ=; b=lSUSehAZVNxA+vlAhqx2DQHY6kIrEy+ak90g8Pn1Z3Nzc8Okg09QQjhV7TzqP9Hv9M iYquwMOkwBF7x2ILdQVnTxD49A3KAVOStLDIAt3kaQAjkOjKuFHxHZCmGAt0DIyD6vO1 4UHJsmy+6LUiGSov8dOt4kfWG3tZMGW+e9WRwhTiHje0JQmEfcebMTTO4zfzYilCw8yL 5MWUGZgBUSsK8AI5JlwN/q4u3TQnA28gIUGYqQ/IA950FgykDZFhxMlJPFhAx3CRkGOL xkYziZYbpyz1Y1Ab2RuTx6lmKM+VNUXs3KZalY+T1gssBBrctuayR9PER5W/oO+8s2Dk ulxA==

Hello,

I am currently running OpenLdap behind a checkpoint firewall.

Some hosts are reaching the LDAP server, but the source IP is NAT Hide. (original IP is 192.168.0.1 - translated 192.168.1.2).

I can see on my firewall many drops coming from the LDAP server to the translated IP.

This kind of packet shouldn't exist, as I am using corosync for HA => No packet are coming from the VIP.

This maybe a problem on the checkpoint firewall (which is not handling correctly the NAT), but I would like to know if someone already had this behaviour already with any firewall ?

Maybe I am missing something on OpenLDAP network flow.

Best regards,

Hugo

Prev by Date: Bulk update
Next by Date: openldap shared address book + outlook 2010.
Index(es):
- Chronological
- Thread