I haven’t done it myself (yet), but you probably need to define the ldap-server directly under the stanza ”access”. In your profile TPAD you just reference the ldap server with address 10.60.0.5, but you have not defined it. When you define it, you can also specify what destination port and source address to use.
/Per 18 mar 2014 kl. 11:54 skrev Шепелев Андрей <xamalon...@gmail.com>: > access { > profile TPAD { > authentication-order ldap; > ldap-options { > base-distinguished-name dc=tp,dc=ru; > search { > search-filter sAMAccountName=; > admin-search { > distinguished-name cn=junos,ou=users,dc=tp,dc=ru; > password "$9$NOdY4jHmfQFDjApuOREwY2oDi"; ## SECRET-DATA > } > } > } > ldap-server { > 10.60.0.5; > } > } > firewall-authentication { > pass-through { > default-profile TPAD; > } > web-authentication { > default-profile TPAD; > } > } > } _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp