Up to five redundant LDAP servers can be configured. The following examples show configuration of two servers, Server-1 and Server-5.
Configuration of Server-1:
A*:SwSim14>config>system>security>ldap# info
    public-key-authentication
    server 1 create
        address 10.1.1.1
        ldap-server "active-server"
        tls-profile "server-1-profile"
A*:SwSim14>config>system>security>tls# info
    client-tls-profile "server-1-profile" create
        cert-profile "client-cert-profile"
        cipher-list "to-active-server"
        trust-anchor-profile "server-1-ca"
        no shutdown
    exit
Configuration of Server-5 (backup):
A*:SwSim14>config>system>security>ldap# info
    public-key-authentication
    server 5 create
        address 10.5.5.1
        ldap-server "backup-server-5"
        tls-profile "server-5-profile"
A*:SwSim14>config>system>security>tls# info
    client-tls-profile "server-5-profile" create
        cert-profile "client-cert-profile"
        cipher-list "to-backup-server-5"
        trust-anchor-profile "server-5-ca"
        no shutdown
    exit
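
Added example (not part of the original documentation or the vendor's tooling): a Python check that reads saved info output and confirms every LDAP server's tls-profile resolves to a defined, enabled client-tls-profile. The function names are hypothetical, and treating the three settings shown in the profiles above as required is an assumption.

```python
import re

# Constructed input: the Server-5 "info" output shown on this page.
SAMPLE = '''A*:SwSim14>config>system>security>ldap# info
public-key-authentication
server 5 create
address 10.5.5.1
ldap-server "backup-server-5"
tls-profile "server-5-profile"
A*:SwSim14>config>system>security>tls# info
client-tls-profile "server-5-profile" create
cert-profile "client-cert-profile"
cipher-list "to-backup-server-5"
trust-anchor-profile "server-5-ca"
no shutdown
exit
'''
# Assumption: every setting the page shows in a client-tls-profile is required.
REQUIRED = ("cert-profile", "cipher-list", "trust-anchor-profile")

def parse(text):
    """Collect per-server and per-profile settings from info output."""
    servers, profiles, cur = {}, {}, None
    for line in map(str.strip, text.splitlines()):
        if line.endswith("# info") or line == "exit":
            cur = None  # a prompt or "exit" ends the current block
        elif m := re.fullmatch(r"server (\d+) create", line):
            cur = servers.setdefault(int(m.group(1)), {})
        elif m := re.fullmatch(r'client-tls-profile "([^"]+)" create', line):
            cur = profiles.setdefault(m.group(1), {})
        elif cur is not None and line == "no shutdown":
            cur["enabled"] = True
        elif cur is not None and (m := re.fullmatch(r'(\S+) "?([^"]+)"?', line)):
            cur[m.group(1)] = m.group(2)
    return servers, profiles

def audit(text):
    """Return findings for servers whose TLS profile is absent or incomplete."""
    servers, profiles = parse(text)
    findings = []
    for idx, srv in sorted(servers.items()):
        name = srv.get("tls-profile")
        if name not in profiles:
            findings.append(f"server {idx}: tls-profile {name!r} is not defined")
            continue
        gaps = [k for k in REQUIRED if k not in profiles[name]]
        gaps += [] if profiles[name].get("enabled") else ["no shutdown"]
        findings += [f"server {idx}: profile {name!r} lacks {g}" for g in gaps]
    return findings
```

Calling audit(SAMPLE) returns an empty list for the configuration as shown; a mistyped profile name, a missing trust anchor, or a profile left in shutdown each produce one finding.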