I log on to a win2k domain with the r-56 client using SDL and I have no inbound allowed rules on the client. I use the same desktop policy that is listed below. I believe what Richard has listed below is needed for the inbound FW rule, I take the easy road here and say "any". -GS
-----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Quick, Richard A. Sent: Tuesday, March 01, 2005 9:41 AM To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM Subject: Re: [FW-1] Desktop Security & Windows 2000 logon Here the list that I opened. Guru's please review and see if I missed something. TCP 135, 139, above 1024, 389, 636, 3268, 3269, 88, 53, 42, 445 UDP 135, 137, 138, above 1024, 389, 636, 3268, 3269, 88, 53, 42 Some of the above ports are for WINS replication. You may or may not need them depending on your level of AD and the mode you are running. Did I miss any? -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Zdenek Kotesovec Sent: Tuesday, March 01, 2005 8:36 AM To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM Subject: [FW-1] Desktop Security & Windows 2000 logon Hello all, I'm using Check Point SecureClient on my computer. The settings of Desktop Security are the following (default): *** Inbound Rules: Source: Any Desktop: [EMAIL PROTECTED] Service: Any Action: Drop Track: Log *** Outbound Rules: Desktop: [EMAIL PROTECTED] Destination: Any Service: Any Action: Accept Track: None *** I want to allow the logon to Windows 2000 domain from my computer. Would anybody of you write me the minimum list of ports which I have to allowed in inbound rules for successful logon to Windows 2000 domain? Regards & Thanks. Zdenek Kotesovec ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================