Firewall DNS AD

Dean

Hi,..

I have a Citrix server on one subnet separated by a
firewall that talks to a DC and domain member servers.
At the moment I can TS into the domain servers on the
other subnet from my Citrix (to be) server. I can also map
drives to these servers.

DNS UDP port 53 is open for DNS traffic and I can do
NSlookups,...fine.

What I can't do is add this Citrix server to its relevant
domain,.. I know there are additional ports to open up for
this to happen.
Does anyone know which ones...?
 
Ace Fekay [MVP]

Dean said:
Hi,..

I have a Citrix server on one subnet separated by a
firewall that talks to a DC and domain member servers.
At the moment I can TS into the domain servers on the
other subnet from my Citrix (to be) server. I can also map
drives to these servers.

DNS UDP port 53 is open for DNS traffic and I can do
NSlookups,...fine.

What I can't do is add this Citrix server to its relevant
domain,.. I know there are additional ports to open up for
this to happen.
Does anyone know which ones...?


AD requires approx 30 ports. Easier to use a VPN thru the firewall....here
are some references below...

154596 - Configuring RPC Dynamic Port Allocation to Work With Firewall :
http://support.microsoft.com/default.aspx?scid=kb;EN-US;154596

179442 - How to Configure a Firewall for Domains and Trusts:
http://support.microsoft.com/?id=179442

Active Directory Replication over Firewalls - Microsoft Service Providers:
http://www.microsoft.com/serviceproviders/columns/config_ipsec_P63623.asp

Download details Active Directory in Networks Segmented by Firewalls:
http://www.microsoft.com/downloads/...familyid=c2ef3846-43f0-4caf-9767-a9166368434e

securityadmin.info FAQ - Domain traffic thru a firewall:
http://securityadmin.info/faq.htm#6.10

Q289241 - A List of the Windows 2000 Domain Controller Default Ports:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q289241&

Restricting Active Directory Replication Traffic to a Specific Port
(Q224196):
http://support.microsoft.com/?id=224196


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
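
An added example, not part of either post and not Microsoft's code: a small Python audit that compares a firewall's allow rules against ports a domain member commonly needs to reach a DC and lists what is still blocked. The port list is a commonly documented subset (the KB articles linked above are the authoritative source), the RPC dynamic range shown is the Windows Server 2008 and later default (older systems use 1025-5000), and the sample rules are constructed from the symptoms in the question.

```python
# Added example: audit firewall allow rules against member-to-DC port needs.
# Port list and sample rules are assumptions of this example, not from the thread.
REQUIRED = [  # (protocol, first port, last port, service)
    ("udp", 53, 53, "DNS"),
    ("tcp", 53, 53, "DNS over TCP"),
    ("tcp", 88, 88, "Kerberos"),
    ("udp", 88, 88, "Kerberos"),
    ("udp", 123, 123, "W32Time"),
    ("tcp", 135, 135, "RPC endpoint mapper"),
    ("tcp", 389, 389, "LDAP"),
    ("udp", 389, 389, "LDAP (DC locator)"),
    ("tcp", 445, 445, "SMB"),
    ("tcp", 464, 464, "Kerberos password change"),
    ("tcp", 49152, 65535, "RPC dynamic range"),
]

def uncovered(first, last, spans):
    """Return the sub-ranges of first..last that no allowed span covers."""
    gaps, cursor = [], first
    for lo, hi in sorted(spans):
        if hi < cursor or lo > last:
            continue                      # span lies outside what is left
        if lo > cursor:
            gaps.append((cursor, lo - 1))  # hole before this span starts
        cursor = max(cursor, hi + 1)
    if cursor <= last:
        gaps.append((cursor, last))
    return gaps

def audit(allow_rules, required=REQUIRED):
    """allow_rules: (protocol, first, last) tuples. Returns blocked requirements."""
    findings = []
    for proto, first, last, service in required:
        spans = [(lo, hi) for p, lo, hi in allow_rules if p == proto]
        findings.extend((proto, lo, hi, service) for lo, hi in uncovered(first, last, spans))
    return findings

# Constructed rule set matching the question: DNS lookups, TS and mapped drives work.
SAMPLE_RULES = [
    ("udp", 53, 53),       # DNS, stated as open
    ("tcp", 3389, 3389),   # Terminal Services
    ("tcp", 445, 445),     # drive mapping (assumed to run over SMB on 445)
]

if __name__ == "__main__":
    for proto, lo, hi, service in audit(SAMPLE_RULES):
        ports = str(lo) if lo == hi else f"{lo}-{hi}"
        print(f"blocked: {proto}/{ports:<12} {service}")
```

A partially opened RPC range is reported as the exact sub-ranges still closed, which helps when the range has been narrowed on the DC as KB 154596 describes.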
 
