In XG I have configured an AD server and when checking it checks fine. Also clients using CAA to authenticate generate traffic to the AD server on port 636. However, there is an almost constant feed of traffic from the XG to the AD machine on UDP port 389. The traffic is accepted in the firewall, but our AD servers do not accept unencrypted LDAP traffic and the authentication request therefore fails.
In Authentication Log this shows like this:
I expect that this might have something to do with STAS, but inside the XG I cannot find where to configure how STAS should communicate with the AD DC.
Does anyone know how I can make the XG use only encrypted LDAP queries on port 636?