The problem is caused by a failure to authenticate with an LDAP address that is located behind a remote Security Gateway.
LDAP queries are defined as connections originating at the Security gateway and destined for the LDAP server.
When users attempt to authenticate, the remote Security Gateway sends LDAP queries to the LDAP server. These LDAP queries are considered part of Security Gateway Control Connections. Therefore, these LDAP queries are performed before any rules in the Rule Base. LDAP queries are sent in clear text.