Opening up those well ports is an open invitation to be attacked. You need a VPN solution between sites. Absolutely. tim _____ From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Jon Spriggs Sent: Thursday, March 16, 2006 5:23 AM To: windows2000@xxxxxxxxxxxxx Subject: [windows2000] Firewall Ports for Windows NT/2K/2K3 Authentication Hi there, I need to get a couple of firewalls between three offices opened up so that the servers in one office can authenticate with the domain controller in the others. I've got a range of DC's to talk to; Windows NT Windows 2000 Windows 2003 What do I need for each? The reason for this change is that previously, these servers were all acting independantly, and we're now trying to get them to authenticate to the company's domain controllers, but one set is NT and the other 2000/3 (I'm still not sure which it is!) I've requested DNS, WINS and port 443, although I've also been told I need the "High ports" (1024 to 65535) and Netbios although I'm reluctant to request them unless I need to. Is there anything I'm missing? I don't need to establish a trust, as this should already be in place between the 2000/3 and the NT side. Thanks for any help you can provide. Rgds, Jon "The Nice Guy"