Ports required for authentication and file sharing over the internet?

[Guest]

I am unable to log in to my home windows 200 domain over the internet from a computer on my campus network. (Logins over the internet succeed from networks outside my campus.)

A likely cause is that the campus firewall has disabled ports necessary to authenticate with my home domain controller and share files over the internet. I found a list of the default w2k ports here

http://support.microsoft.com/default.aspx?scid=kb;en-us;289241

What subset of these ports must be open to allow authentication and file sharing with a windows domain over the internet?

Thanks

Kerry

 

[Steven L Umbach]

I doubt you will be able to get through the firewall as they probably want to prevent
that for good reason. Ask the admins for help and ask if they will allow you to use a
VPN connection to connect to your home network. Though I have not tried it, you may
be able to access your home network through the internet by configuring Terminal
Services Web Access. --- Steve

http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/tsac.asp

I am unable to log in to my home windows 200 domain over the internet from a

computer on my campus network. (Logins over the internet succeed from networks
outside my campus.)

A likely cause is that the campus firewall has disabled ports necessary to

authenticate with my home domain controller and share files over the internet. I
found a list of the default w2k ports here:

http://support.microsoft.com/default.aspx?scid=kb;en-us;289241.

What subset of these ports must be open to allow authentication and file sharing

with a windows domain over the internet?

 

[Steven L Umbach]

Apparently they are allowing outbound port 3389 for RDP - Terminal Services/Remote
Desktop. VPN, probably pptp for your situation, would be the best way for file
transfers. You may be able to do some copy and pasting with Remote Desktop. To answer
your first question, other than VPN, port 139 tcp or 445 tcp would be needed for
traditional file transfer via file and printer sharing which many ISP's will not even
allow anymore. If you really want to try it, open port 445 at your home end
forwarding to your internal computer being sure to use a complex user password and
then enter your home public IP address in your run box in unc format such as
\\xxx.xxx.xxx.xxx --- Steve

Steven,

Thank you for the thoughful reply to my question regarding internet access to my

home w2k domain. I am gaining a better understanding of the significant security
obstacles to my goal of transferring files to and from this home domain over an
internet connection located within my secured campus network.

I get the impression that terminal services is more of a web application server

than a method of file transfer, so I will postpone that lead for the moment. On a
related note, I have no difficulty establishing remote desktop sessions with my home
domain from the campus internet connection. This leads to believe there must be
*some* straightforward and secure way to transfer files to and from my home from this
campus connection.

VPN seems like a logical choice. I set up a VPN connection on my client and server

but again was unable to reach my domain from the campus connection. I am new to VPN
and as you hint in your message I suspect that VPN too would require "permission"
from the campus network administrator.

I will do some more research and probably post another questions about VPN or

alternative forms of secure file transfer over the internet.