Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

RODC Ports [message #388234] Tue, 09 February 2010 22:52
Paul (Philippines)
The below link details the firewall ports required between RODC and RWDC.

http://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx
The following table lists the ports that you must open on the firewall to
allow communication from a writeable domain controller in a corporate
network to a read-only domain controller (RODC) in a perimeter network.
Port               Type of traffic
TCP 135            RPC, EPM
TCP Static 53248   FRsRpc
TCP 389            LDAP

Don't you think other ports like 88, 53, 123, 3268, 445, 464 are also
required to be opened?

Also why is FRS Port required to be opened, when sysvol replication is also
unidirectional?

Re: RODC Ports [message #388256 is a reply to message #388234] Wed, 10 February 2010 00:24
meiweb (Germany)
Hello Paul,

As the RWDC will not ask the RODC for GC, DNS or Kerberos for example, there
is no need to open them that way, but as you can see in the following table
the RODC must have more ports open in the firewall to contact the RWDC.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


Re: RODC Ports [message #388371 is a reply to message #388256] Wed, 10 February 2010 05:34
Jorge Silva
Hi Meinolf,
> As the RWDC will not ask the RODC for GC, DNS or Kerberos for example,
> there is no need to open them that way, but as you can see in the
> following table the RODC must have more ports open in the firewall to
> contact the RWDC.

Hum....
Perhaps, except during dcpromo
:)
--

I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MVP Directory Services

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
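
A direction-aware check of the rule set discussed in this thread, as an added example that is not part of any poster's message: run from the writeable DC, it confirms that the three TCP ports in the quoted table reach the RODC while the other TCP ports Paul lists do not. The RODC name, the timeout and the helper `Test-TcpPort` are assumptions; treating those other ports as closed in this direction follows Meinolf's reply.

```powershell
# Added example (PowerShell 3.0 or later). Run on the writeable DC in the corporate network.
param(
    [string]$Rodc = 'rodc01.perimeter.example',  # placeholder RODC name (assumption)
    [int]$TimeoutMs = 2000                       # assumed connect timeout
)

# RWDC -> RODC expectations. Open: the table quoted in the thread.
# Closed: the ports Paul lists, which per Meinolf's reply are not needed in
# this direction. 123 is left out: NTP is UDP, and a TCP connect cannot test it.
$checks = @(
    @{ Port = 135;   Traffic = 'RPC, EPM';         ExpectOpen = $true  }
    @{ Port = 53248; Traffic = 'FRsRpc (static)';  ExpectOpen = $true  }
    @{ Port = 389;   Traffic = 'LDAP';             ExpectOpen = $true  }
    @{ Port = 88;    Traffic = 'Kerberos';         ExpectOpen = $false }
    @{ Port = 53;    Traffic = 'DNS (TCP)';        ExpectOpen = $false }
    @{ Port = 3268;  Traffic = 'Global catalog';   ExpectOpen = $false }
    @{ Port = 445;   Traffic = 'SMB';              ExpectOpen = $false }
    @{ Port = 464;   Traffic = 'Kerberos kpasswd'; ExpectOpen = $false }
)

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($ComputerName, $Port, $null, $null)
        # No answer within the timeout: the packet was most likely dropped.
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }
        $client.EndConnect($pending)   # throws if the connection was refused
        return $true
    } catch {
        return $false                  # refused, unreachable, or name not resolved
    } finally {
        $client.Close()
    }
}

$results = foreach ($c in $checks) {
    $open = Test-TcpPort -ComputerName $Rodc -Port $c.Port -TimeoutMs $TimeoutMs
    [pscustomobject]@{
        Port     = $c.Port
        Traffic  = $c.Traffic
        Expected = if ($c.ExpectOpen) { 'open' } else { 'closed' }
        Actual   = if ($open) { 'open' } else { 'closed' }
        Match    = ($open -eq $c.ExpectOpen)
    }
}
$results | Format-Table -AutoSize
if ($results.Match -contains $false) { exit 1 }   # non-zero exit on any mismatch
```

A "closed" result covers both a firewall drop and a refused connection, so an expected-open port that fails may also mean the service is not listening on the RODC.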