Use of UDP Port 389

G

Guest

I currently have a network of Windows 2000 servers connected via a VPN.

Recently I noticed that our firewall was blocking UDP Port 389 traffic to an
IP network that we do not have any domain controllers in. The traffic is
orginating from each 2000 server. It appears as if the AD may be trying to
replicate to an ip address that doesn't even exist.

I am assuing the UDP traffic being blocked is a AD ping to find the
172.192.1.190 address.

How can we first verify that AD is trying to replicate to 172.192.1.190 and
then stop it?

Any help will be appreciated.

Thanks
 
J

Joe Richards [MVP]

The UDP ping is used during the DC location process. Check DNS for any
references to a DC with that IP address.
 
G

Guest

Joe,

There is no entry in DNS for 172.192.190.1. That is what is so strange about
this.

How can I get the traffic to stop, since there is no DC with that address?
The other question is what caused this to happen in the first place. We do
not even use that subnet for anything other than dial-up access?

Thanks in advance
 
J

Joe Richards [MVP]

I would say do a network trace of the machines doing the requests and see if
there is anything around it that makes sense. You can also try to figure out
which processes are using that port on those machines.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Problem with TCP Port 389 LDAP 1
What is up with port 135? 3
UDP Port 4500 Error 0
LDAP UDP Port Problem 6
How to check the status of the UDP port status 0
Windows XP AVG 8.0 Firewall UDP Port 137 6
Network Ports used by RIS during deployment 1
RPC communication error while establishing trust from Windows 2003 to 2000 4

Top