You’ve likely seen this, but it does describe ports needed for REPLICATION... However, Steve does talk about the benefits of using IPSec through a firewall...

Rick

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of David Adner

It's been a few weeks, so time for another question on ports. MS's whitepaper that discusses how to set up AD to communicate through a firewall (the one that focuses primarily on DC to DC communication) lists the following ports needed to service "User Login and Authentication" and "Computer Login and Authentication":

445 TCP/UDP
88 TCP/UDP
389 UDP
53 TCP/UDP

(I would add ICMP for GPO processing.)

Most people who normally respond to "what ports are needed..." include 135. I just ran a Netmon trace during a logon from an XP machine and do see some traffic hitting 135. I also see traffic hitting 137 and 139. I'm not good at reading traces so I don't really know what's happening besides the basic traffic flow. Does anyone know what 135 (and 139 I suppose) are being used for? And if they're blocked, does it totally break everything or just limit certain functions?

I am not worried about DC to DC communication. The scenario is member systems separated from DCs with a firewall and the network folks want to allow the absolute minimum ports.

Thx