Here is a good reference for port requirements for the different windows
services.
This is a good doc to take to the "router guys" when setting up firewalls
and such.
832017 Port Requirements for the Microsoft Windows Server System
http://support.microsoft.com/?id=832017
(e-mail address removed)
This posting is provided "AS IS"
with no warranties, and confers no rights
--------------------
| From: "Chris W." <
[email protected]>
| References: <
[email protected]>
| Subject: Re: Client authentication through a firewall
| Date: Tue, 3 Feb 2004 11:38:41 -0500
| Lines: 22
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 5.50.4922.1500
| X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4925.2800
| Message-ID: <
[email protected]>
| Newsgroups: microsoft.public.win2000.active_directory
| NNTP-Posting-Host: 149.168.200.58
| Path:
cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTNGXS01.phx.gbl!TK2MSFTNGXA0
5.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP11.phx.gbl
| Xref: cpmsftngxa07.phx.gbl microsoft.public.win2000.active_directory:65274
| X-Tomcat-NG: microsoft.public.win2000.active_directory
|
|
|
| | > Does anyone know what ports have to opened up on a
| > firewall to allow AD Authentication from a client on one
| > side of the firewall, and the server on the other?
| >
| > Thanks
| > Craig M
|
|
| The following ports must be open on the firewall to allow users and
| computers to authenticate through a firewall.
|
| a.. Microsoft-DS traffic (445/tcp, 445/udp)
| b.. Kerberos authentication protocol (88/tcp, 88/udp)
| c.. Lightweight Directory Access Protocol (LDAP) ping (389/udp)
| d.. Domain Name System (DNS) (53/tcp, 53/udp)
|
|
|
|
