Our company has a few Windows Server 2012 R2 Domain Controllers and needs to do AD replication through our corporate firewall, as the DCs are separated by the firewall. I will follow the link from MS for opening the firewall ports.
My question is: when I put in the firewall rules, shall I set the source Domain Controller ports (i.e. Source Port) to ANY and the destination Domain Controller ports (i.e. Destination Ports) to the ports described in the above link?
Also, I suppose if I have two DCs, I need to put in two firewall rules: one to allow replication from the first DC to the second one, and another to allow replication from the second DC to the first one?
For example:
Local Address   Local Port   Remote Address   Remote Port
DC1 IP          Any          DC2 IP           TCP 389, 88, 9389, 135, 445 .... UDP 389, 445, 88 .....
DC2 IP          Any          DC1 IP           TCP 389, 88, 9389, 135, 445 .... UDP 389, 445, 88 .....
Appreciate your kind advice in advance.