Firewalls: Trust me!

I have several clients who have multiple sites, as well as multiple Active Directory (AD) forests. As security is so important, they want to lock things down as best they can, but they also need to open the necessary ports to allow the domain trusts to work. The ports required for this are:

| Port Number | Protocol | Traffic Type |
|-------------|----------|--------------|
| 53 | TCP/UDP | Domain Naming Service (DNS) |
| 88 | TCP/UDP | Kerberos |
| 389 | TCP/UDP | LDAP |
| 445 | TCP | Server Message Block (SMB) |
| 636 | TCP | LDAP (SSL) |

These ports should work for every version of Active Directory dating back to Server 2000, but I have not tried anything earlier than 2012.
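
One way to apply the port list on a domain controller while keeping it locked down is to scope each allow rule to the partner forest's domain controllers and then confirm the TCP entries are reachable. This is an added example, not from the original post; the addresses in `$PartnerDCs`, the rule names and the rule group name are assumptions.

```powershell
# Added example, not from the original post. Run elevated on a domain controller.
# Assumption: $PartnerDCs holds the trusted forest's DC addresses
# (placeholders from the RFC 5737 documentation range).
$PartnerDCs = @('192.0.2.10', '192.0.2.11')

# Port list copied from the table above.
$TrustPorts = @(
    [pscustomobject]@{ Port = 53;  Protocols = @('TCP', 'UDP'); Service = 'DNS' }
    [pscustomobject]@{ Port = 88;  Protocols = @('TCP', 'UDP'); Service = 'Kerberos' }
    [pscustomobject]@{ Port = 389; Protocols = @('TCP', 'UDP'); Service = 'LDAP' }
    [pscustomobject]@{ Port = 445; Protocols = @('TCP');        Service = 'SMB' }
    [pscustomobject]@{ Port = 636; Protocols = @('TCP');        Service = 'LDAP (SSL)' }
)

# One inbound allow rule per port/protocol pair, limited to the partner DCs
# instead of any remote address. Existing rules with the same name are kept.
foreach ($entry in $TrustPorts) {
    foreach ($proto in $entry.Protocols) {
        $name = "AD trust - $($entry.Service) $proto/$($entry.Port)"
        if (-not (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue)) {
            New-NetFirewallRule -DisplayName $name -Group 'AD forest trust' `
                -Direction Inbound -Action Allow -Protocol $proto `
                -LocalPort $entry.Port -RemoteAddress $PartnerDCs | Out-Null
        }
    }
}

# Check that each partner DC answers on the TCP side of the list.
# UDP is connectionless, so Test-NetConnection cannot confirm those entries.
$results = foreach ($dc in $PartnerDCs) {
    foreach ($entry in $TrustPorts) {
        $test = Test-NetConnection -ComputerName $dc -Port $entry.Port `
            -WarningAction SilentlyContinue
        [pscustomobject]@{
            PartnerDC = $dc
            Service   = $entry.Service
            Port      = $entry.Port
            Reachable = $test.TcpTestSucceeded
        }
    }
}
$results | Format-Table -AutoSize
```

A `False` in the `Reachable` column points at a firewall between the sites or on the partner DC that still blocks that port.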
