Configuring redundant servers

Up to five redundant LDAP servers can be configured. The following examples show configuration of two servers, Server-1 and Server-5.

Configuration of Server-1:

A*:SwSim14>config>system>security>ldap# info
    public-key-authentication
    server 1 create
        address 10.1.1.1
        ldap-server ‟active-server”
        tls-profile ‟server-1-profile”

A*:SwSim14>config>system>security>tls# info
    client-tls-profile ‟server-1-profile” create
        cert-profile ‟client-cert-profile”
        cipher-list ‟to-active-server”
        trust-anchor-profile ‟server-1-ca”
        no shutdown
    exit

Configuration of Server-5 (backup):

A*:SwSim14>config>system>security>ldap# info
    public-key-authentication
    server 5 create
        address 10.5.5.1
        ldap-server ‟backup-server-5”
        tls-profile ‟server-5-profile”

A*:SwSim14>config>system>security>tls# info
    client-tls-profile ‟server-5-profile” create
        cert-profile ‟client-cert-profile”
        cipher-list ‟to-backup-server-5”
        trust-anchor-profile ‟server-5-ca”
        no shutdown
    exit