I'm now trying to configure secure LDAP for admin auth. But it's failing on translating the FQDN of the LDAP servers.
In my configuration I have 2 DNS servers, one for public and second for internal addresses. When I test the authentication and make pcap I can see that the MWG is querying only the DNS server(public) which doesn't know about interal domain and never tries the second, which has the entry for our LDAP servers.
I've also tried to put static entry into hosts file, but it looks like the MWG never look into it.