[THIN] Re: OT: AD Browsing Issue

  • From: Berny Stapleton <berny@xxxxxxxxxxxxxxxxx>
  • To: thin@xxxxxxxxxxxxx
  • Date: Thu, 8 Mar 2012 13:32:49 +0000

I prefer the term "router", but effectively for communication between
the client and the DC; yes.

On Thu, Mar 8, 2012 at 1:29 PM, Webster <webster@xxxxxxxxxxxxxxx> wrote:
> In other words, Firewall becomes Swiss Cheese.
>
>
> Carl Webster
> Consultant and Citrix Technology Professional
> http://www.CarlWebster.com
>
> ________________________________________
> From: thin-bounce@xxxxxxxxxxxxx [thin-bounce@xxxxxxxxxxxxx] on behalf of 
> Berny Stapleton [berny@xxxxxxxxxxxxxxxxx]
> Sent: Thursday, March 08, 2012 7:12 AM
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: OT: AD Browsing Issue
>
> Firewall requirements for client access to domain controllers are as follows:
>
> "TCP-1024-5000"
> "TCP-49150-65535"
> "UDP-1024-5000"
> "UDP-49150-65535"
> "A-Kerberos"
> "UDP-LDAP-389"
> "DNS"
> "LDAP"
> "PING"
> "SMB"
> "MS-AD"
> "NBT"
>
>
> "A-Kerberos" protocol tcp src-port 1024-65535 dst-port 88-88
> "A-Kerberos" + udp src-port 1024-65525 dst-port 464-464
> "A-Kerberos" + tcp src-port 1024-65525 dst-port 464-464
> "A-Kerberos" + udp src-port 1024-65535 dst-port 88-88
>
> ************************************************
> For Archives, RSS, to Unsubscribe, Subscribe or
> set Digest or Vacation mode use the below link:
> //www.freelists.org/list/thin
> ************************************************
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin
************************************************

Other related posts: