JSI Tip 1220. How do I establish a trust across a firewall?


You need to enable the following ports:

   PORT 135 (TCP or UDP) for the Remote Procedure Call (RPC) Service.
   PORT 137 (UDP) for the NetBIOS Name Service.
   PORT 138 (UDP) for NetBIOS datagram (Browsing).
   PORT 139 (TCP) for NetBIOS session (NET USE).
   ALL PORTS above 1024 for RPC Communication.

See tip 0956 for using LMHOSTS for name resolution.

NOTE: You would have multiple IP_ADDRESS_OF_PDC PDCname #PRE #DOM:DomainName entries.
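
As an added example (not part of the original tip), this Python code parses LMHOSTS text in the form the NOTE gives and reports which domains in the trust lack a preloaded `#PRE #DOM:` entry. The sample file contents and the function names are constructed for illustration; quoted NetBIOS names containing spaces are not handled.

```python
import ipaddress

# Constructed sample LMHOSTS text; every address, host and domain name is made up.
SAMPLE_LMHOSTS = """\
# trust between DOMAIN_A and DOMAIN_B
10.1.1.10    PDC_A     #PRE #DOM:DOMAIN_A   # PDC of the trusting domain
10.2.2.10    PDC_B     #PRE #DOM:DOMAIN_B
10.2.2.11    BDC_B     #DOM:DOMAIN_B        # forgot #PRE here
10.2.2.999   BADHOST   #PRE #DOM:DOMAIN_B
10.3.3.5     FILESRV                        # plain host mapping
"""

def parse_lmhosts(text):
    """Return (entries, problems) for the #DOM lines of an LMHOSTS file."""
    entries, problems = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if len(fields) < 2 or fields[0].startswith("#"):
            continue  # blank line, comment, or a directive such as #INCLUDE
        ip, name, pre, domain = fields[0], fields[1], False, None
        for tok in fields[2:]:
            if tok == "#PRE":
                pre = True
            elif tok.startswith("#DOM:"):
                domain = tok[len("#DOM:"):]
            else:
                break  # any other token starts a free-text comment
        if domain is None:
            continue  # ordinary host mapping, not a domain-controller entry
        try:
            ipaddress.IPv4Address(ip)
        except ValueError:
            problems.append((lineno, f"invalid IPv4 address {ip!r}"))
            continue
        if not pre:
            problems.append((lineno, f"{name}: #DOM:{domain} without #PRE"))
        if len(name) > 15:  # NetBIOS names are at most 15 characters
            problems.append((lineno, f"{name}: NetBIOS name longer than 15"))
        entries.append({"ip": ip, "name": name, "domain": domain, "pre": pre})
    return entries, problems

def missing_domains(entries, required):
    """Domains from `required` that have no preloaded (#PRE #DOM) entry."""
    covered = {e["domain"].upper() for e in entries if e["pre"]}
    return sorted(d for d in required if d.upper() not in covered)

if __name__ == "__main__":
    found, issues = parse_lmhosts(SAMPLE_LMHOSTS)
    print(found, issues, missing_domains(found, ["DOMAIN_A", "DOMAIN_B"]))
```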

If you use DNS and WINS, enable:

   PORT 53 (TCP and UDP) for DNS.
   PORT 42 (TCP and UDP) for WINS Replication.

If you establish the trust through PPTP, enable:

   PORT 1723 (TCP) for PPTP.
   IP PROTOCOL 47 (GRE)

For SMS Remote Helpdesk, enable:

   PORT 1761 (TCP) for Verification of Rights (IPX 0x8138).
   PORT 1762 (TCP) for Remote Control (IPX 0x8238).
   PORT 1761 (TCP) for Remote Reboot (IPX 0x8138).
   PORT 1763 (TCP) for Remote Chat (IPX 0x845F).
   PORT 1764 (TCP) for File Transfer (IPX 0x4100).
   PORT 1761 (TCP) for Remote Execute (IPX 0x8138).

Use NOTEPAD to read %SystemRoot%\System32\Drivers\Etc\Services for a more complete list.