Windows Ports when used on DMZ

Windows Ports when used on DMZ
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Windows Ports when used on DMZ Derek Smith 06-27-2005
Posted by Derek Smith on June 27, 2005, 12:08 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hi,

We have a Windows Server on a DMZ, and it's having trouble querying Active
Directory. We have a PIX and have allowed what we thought is everything we
need. Does anyone know exactly what ports are needed to query Active
Directory and have all services running with a Windows Box right out of the
box?

More specifically, we are getting an RPC Error when trying to add
administrators to the local groups. It works fine when we allow all IP, so
we know the problem is with the PIX.

Thanks in advance,

Derek Smith



Posted by Steven L Umbach on June 27, 2005, 12:45 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
See the links below for details from a KB article that discusses such. More
than likely your problem is with dynamic RPC in that you are finding ports
1025-1030 being dropped by your firewall. You can configure dynamic RPC to
use a limited number of ports and then configure your firewall to allow
them. --- Steve

http://support.microsoft.com/?id=154596
http://support.microsoft.com/kb/179442/

> Hi,
>
> We have a Windows Server on a DMZ, and it's having trouble querying Active
> Directory. We have a PIX and have allowed what we thought is everything
> we need. Does anyone know exactly what ports are needed to query Active
> Directory and have all services running with a Windows Box right out of
> the box?
>
> More specifically, we are getting an RPC Error when trying to add
> administrators to the local groups. It works fine when we allow all IP,
> so we know the problem is with the PIX.
>
> Thanks in advance,
>
> Derek Smith
>



Similar ThreadsPosted
Assign USB ports to user's session Windows XP August 15, 2007, 6:00 pm
Windows 2003 firewall - limiting the range of dynamic RPC ports February 17, 2006, 4:04 am
Re: PORTs June 27, 2005, 12:14 pm
Re: PORTs June 27, 2005, 12:12 pm
Closing ports June 27, 2005, 12:56 pm
WSUS ports November 30, 2005, 9:35 am
RE: How do you close ports? January 15, 2006, 4:21 pm
Ports usage March 29, 2006, 1:58 pm
ipsec ports November 13, 2006, 9:31 am
Opening ports June 30, 2008, 11:28 am

The site map in XML format XML site map

Contact Us | Privacy Policy