Brent Peterson said:
I am looking for port information to filter between two Microsoft DNS
servers.
I have port 53 UDP/TCP open, but I cannot transfer to the secondary
servers unless I turn off port filtering.
What other ports do I need open?
Brent
If you are attempting to use port filtering on the interface, you need to
open ports for outbound connections. So what you are going to have to do is
open ports starting at 2400 to 65535.
It is much easier to use the port filtering in RRAS. While RRAS does not
allow you to open port ranges, you can open the incoming ports you need and then
allow all established connections coming from your internal network.
Firewalls such as Zone Alarm from Zone Labs are a lot easier to configure
for these connections and can distinguish between the authorised programs
using these ports, so they won't allow unauthorised programs such as worms and
Trojans to use these ports.
I am not pushing any type or brand of firewall; I am just trying to make you
aware of the repercussions of systematically opening or closing ports.
Information on configuring RRAS port filtering, aka "The Poor Man's
Firewall", can be found here: 254018 - How to Configure Input Filters for
Services That Run Behind Network Address Translation
http://support.microsoft.com/default.aspx?scid=kb;en-us;254018
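
The difference between the two approaches in the reply above, as an added example that is not part of the original thread: a small Python model of a zone transfer seen by a destination-port-only filter and by a filter that tracks established connections. It assumes the filter sits on the secondary that initiates the transfer; the addresses, the ephemeral port and all names are constructed for illustration.

```python
from dataclasses import dataclass

PRIMARY, SECONDARY = "192.0.2.10", "192.0.2.20"   # constructed documentation addresses
OUTSIDER = "198.51.100.7"                         # constructed unrelated host

@dataclass(frozen=True)
class Packet:
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

def stateless_inbound(pkt, open_ports):
    """Interface-style filter: inbound packets are judged on destination port only."""
    return pkt.dst_port in open_ports

class StatefulFilter:
    """Listed inbound ports, plus replies to connections this host opened itself."""
    def __init__(self, open_ports):
        self.open_ports = set(open_ports)
        self.flows = set()

    def outbound(self, pkt):
        # Remember the flow so the matching reply can be recognised later.
        self.flows.add((pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))

    def inbound(self, pkt):
        reply_of = (pkt.proto, pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        return pkt.dst_port in self.open_ports or reply_of in self.flows

def simulate(ephemeral_port=49731):
    # The secondary connects from an ephemeral source port to TCP 53 on the primary;
    # the reply therefore arrives addressed to that ephemeral port, not to port 53.
    request = Packet("tcp", SECONDARY, ephemeral_port, PRIMARY, 53)
    reply = Packet("tcp", PRIMARY, 53, SECONDARY, ephemeral_port)
    unsolicited = Packet("tcp", OUTSIDER, 4444, SECONDARY, ephemeral_port)

    wide_open = {53} | set(range(2400, 65536))    # the port range named in the reply
    fw = StatefulFilter({53})
    fw.outbound(request)
    return {
        "only_53_passes_reply": stateless_inbound(reply, {53}),
        "wide_range_passes_reply": stateless_inbound(reply, wide_open),
        "wide_range_passes_unsolicited": stateless_inbound(unsolicited, wide_open),
        "stateful_passes_reply": fw.inbound(reply),
        "stateful_passes_unsolicited": fw.inbound(unsolicited),
    }

if __name__ == "__main__":
    for check, passed in simulate().items():
        print(f"{check}: {passed}")
```

Opening the wide range lets the transfer reply through but also admits the unsolicited packet, while the connection-tracking filter admits only the reply.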