Re: [FW-1] AD logon ports

Subject:	Re: [FW-1] AD logon ports
From:	"Garcia, Ivan" <ivan.garcia.vadasz AT HP DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Thu, 16 Feb 2006 13:51:27 +0100

Hi David,

By default the port you're looking for is dinamic. To use a firewall you have 
to restric the ports for AD replication.

Check this doc.
http://support.microsoft.com/kb/224196/en-us


Regards,
Iván García

 

-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST AT 
AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of David CALLEBAUT [AEMS Be]
Sent: jueves, 16 de febrero de 2006 11:50
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] AD logon ports

Hi all,

Does someone know what RPC or DCE-RCP  (or yet another) service I need to allow 
for a MS machine in a DMZ to logon to the Active Directory through a
FW-1 R55HFA07 on IPSO3.8? 

I've already opened LDAP, kerberos, DNS. But I know that there is also an RPC 
connection. 
However I am unable to find out which one I should use and I don't find any 
info about it either on Checkpoints SK or other resources.

Perhaps I'm overlooking something here?
Does anybody have any info?

Any help would be greatly appreciated!

David Callebaut

=================================================
To set vacation, Out-Of-Office, or away messages, send an email to LISTSERV AT 
amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email 
fw-1-owner AT ts.checkpoint DOT com 
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] AD logon ports, David CALLEBAUT [AEMS Be] Re: [FW-1] AD logon ports, Garcia, Ivan <= Re: [FW-1] AD logon ports, Hal Dorsman [FW-1] Eventia Reporter NGX Email Problem, Tony Montesano Re: [FW-1] AD logon ports, Fabrice BARUTEL [FW-1] AD logon ports, Mate Katavich

Previous by Date:	[FW-1] SCLIENT - Office Mode, Chkp Videotron
Next by Date:	[FW-1] Eventia Reporter NGX Email Problem, Tony Montesano
Previous by Thread:	[FW-1] AD logon ports, David CALLEBAUT [AEMS Be]
Next by Thread:	Re: [FW-1] AD logon ports, Hal Dorsman
Indexes:	[Date] [Thread] [Top] [All Lists]