Re: what port is domain authentication using.

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

In news:77C5F8C7-CC7F-4AB5-824E-4D256BE7AF2C@xxxxxxxxxxxxx,
inenewbl <inenewbl@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
Hi all. I have a small office with a few domain client PCs. The DCs
are housed in my main office. The small office is located in another
location away from the main office and both offices are connected
using a lease line. We are using a firewall to restrict traffic
coming from the small office into the main office. Hence i would like
to know what port should i open to allow the domain PCs in the small
office to be able to authenticate to the DC upon logon. Thks in
advance.

There are about 29 ports, including UDP >1023 all inclusive. Your better bet
is to create a wide open VPN tunnel between your hardware firewalls, that is
if they are capable of doing so. This way they will connect the two offices
by their internal subnets and not thru the firewall. And if you are using
NAT, you will NEED a VPN because necessary traffic CANNOT traverse a NAT
unless using a tunnel based VPN that uses the NAT devices as the endpoint.

If you really want to know what ports they are, here you go. But I think it
will swiss cheese the firewall with too many ports opened.

Active Directory Replication over Firewalls
http://technet.microsoft.com/en-us/library/bb727063.aspx

--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer

For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Infinite Diversities in Infinite Combinations


.

Relevant Pages

  • Re: NETFW.INF, Preconfigured Firewall settings and dialogs
    ... You can only Add Ports in firewall exclustion ... You can use the document '832017 Port Requirements for the Microsoft ... Windows to find the corresponding port and protocol for the specific ...
    (microsoft.public.windows.server.networking)
  • Re: Azureus suddenly stops
    ... So you can have NAT problem and still be downloading, ... restricted Azureus I would get no traffic at all. ... because Azureus is working the firewall ... You have to actually open the ports (the ones you've specified in the ...
    (comp.sys.mac.system)
  • Re: Windows Firewall Port requirements on Server 2003 SP1 DC
    ... > I am interested in knowing which ports should be enabled on the Domain ... > Controller which is on Server 2003 SP1 EE with Windows Firewall ... please direct all replies ONLY to the Microsoft public newsgroup ...
    (microsoft.public.windows.server.active_directory)
  • Re: VPN not working when client behind another firewall
    ... The latest is that we have tested the ports and GRE ... >place a hardwarebased firewall router out in front of SBS ... This area is NAT-T over IPSec across ... >server to work when behind a NAT. ...
    (microsoft.public.windows.server.sbs)
  • Re: Update: Messenger Spam
    ... > Messenger Spam phenom: ... Microsoft explains how to block these with a firewall, ... I closed the ports that Microsoft said to close but it ...
    (comp.security.firewalls)