Messages

1

18.7 Legacy Series / Re: LDAP connection using SSL-Encryption problem

« on: August 12, 2018, 06:34:37 am »

trying to use SartTLS to see if it works or nor :|

You should check through all your steps, as I have working SSL and had no issue switching to StartTLS using OPNsense 18.7.

I have been personally using ldaps:// since OPNsense version 15 with no unexpected issues.

Make sure your client url is supported by your certificate on the server as the IP and/or url should be configured in alt names or else it will fail security checks.

2

18.7 Legacy Series / Re: LDAP connection using SSL-Encryption problem

« on: August 12, 2018, 04:24:33 am »

Was using ssl transport working prior to upgrade to 18.7?
If so, there have been some changes in how authentication is configured in 18.7 release as noted in the release notes. I think notes on these particular changes should have been towards the top of the notes and in Bold to bring better attention to them, but they are there none the less.
 
Check under System -> Administration -> Authentication and insure you have all your LDAP servers checked, and also select "Local Database" if you want local fallback.

Used to be that you could only select two items, primary and fallback.
Also there are some slight changes/additions in Secure Shell configuration, as well as Users Configuration that may need some attention if your upgrading from 18.1 to 18.7.