Solved

Ports to open in Checkpoint Firewall for Windows Clients / DC Active Directory Communications

Posted on 2016-09-30
Last Modified: 2016-10-01
Hello All -

Looks like we will be installing a new Checkpoint firewall between some of our Windows 10 Enterprise client machines and our Windows Server 2012 R2 Domain Controller soon. I wanted to do some homework to see what ports would need to be open to allow the required communications for Active Directory to pass through the firewall. With a few quick searches I did get some hits on DC to DC communications, but I'm just concerned with client to DC at this point.

Thanks!
Question by:Wookie68

Accepted Solution

by:
McKnife earned 500 total points

Author Comment

by:Wookie68
Thanks for the link, but I didn't see anything about Client to Server communications. The table specified that it was DC to DC. Are they the same for Client to Server? I'd like to not open up more than what is truly necessary.

Expert Comment

by:McKnife
MS is again bad at documentation. They write DC to DC, but the table holds all sorts of client2DC ports as well, as seen in the description of the single items. -> You can use it.

Expert Comment

by:McKnife

Author Closing Comment

by:Wookie68
Thanks for the links and clarifications! With the info you provided and the firewall logs themselves I should be able to narrow things down to the minimum needed. Thanks again!
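
The log-driven narrowing mentioned in the closing comment, as an added example that is not part of the original thread: it summarizes client-to-DC traffic from an exported firewall log and marks anything outside the commonly documented Active Directory client ports. The CSV column names, IP addresses and log rows are constructed for illustration, and the port table is an assumption to confirm against Microsoft's documentation.

```python
import csv, io, ipaddress
from collections import Counter

# Assumption: commonly documented client-to-DC services; confirm each entry
# against the Microsoft port table before turning it into a firewall rule.
AD_PORTS = {
    ("tcp", 53): "DNS", ("udp", 53): "DNS",
    ("tcp", 88): "Kerberos", ("udp", 88): "Kerberos",
    ("udp", 123): "NTP (W32Time)",
    ("tcp", 135): "RPC endpoint mapper",
    ("tcp", 389): "LDAP", ("udp", 389): "LDAP (DC locator)",
    ("tcp", 445): "SMB (SYSVOL/NETLOGON)",
    ("tcp", 464): "Kerberos kpasswd", ("udp", 464): "Kerberos kpasswd",
    ("tcp", 636): "LDAPS",
    ("tcp", 3268): "Global Catalog", ("tcp", 3269): "Global Catalog (TLS)",
}
RPC_DYNAMIC = range(49152, 65536)  # default dynamic RPC range since Server 2008

# Constructed sample export; column names are hypothetical, not Check Point's.
SAMPLE_LOG = """time,src,dst,proto,dport,action
2016-10-03T08:00:01,10.20.30.15,10.20.1.10,udp,53,accept
2016-10-03T08:00:02,10.20.30.15,10.20.1.10,tcp,88,accept
2016-10-03T08:00:02,10.20.30.15,10.20.1.10,tcp,135,accept
2016-10-03T08:00:03,10.20.30.15,10.20.1.10,tcp,49667,drop
2016-10-03T08:00:04,10.20.30.16,10.20.1.10,tcp,49670,drop
2016-10-03T08:00:05,10.20.30.16,10.20.1.10,tcp,3389,drop
2016-10-03T08:00:06,10.20.30.16,10.20.9.9,tcp,445,accept
"""

def classify(proto, port):
    """Return (service, port_label); dynamic RPC ports collapse into one bucket."""
    if (proto, port) in AD_PORTS:
        return AD_PORTS[(proto, port)], str(port)
    if proto == "tcp" and port in RPC_DYNAMIC:
        return "RPC dynamic", "49152-65535"
    return "unlisted", str(port)

def summarize(log_text, client_net, dc_ip):
    """Count client-to-DC connections per (service, proto, port_label, action)."""
    net, dc = ipaddress.ip_network(client_net), ipaddress.ip_address(dc_ip)
    counts = Counter()
    for row in csv.DictReader(io.StringIO(log_text)):
        if ipaddress.ip_address(row["src"]) not in net or ipaddress.ip_address(row["dst"]) != dc:
            continue  # only traffic from the client subnet to this DC is of interest
        proto = row["proto"].lower()
        service, label = classify(proto, int(row["dport"]))
        counts[(service, proto, label, row["action"].lower())] += 1
    return counts

if __name__ == "__main__":
    for key, n in sorted(summarize(SAMPLE_LOG, "10.20.30.0/24", "10.20.1.10").items()):
        print(*key, n)
```

Dropped entries in the "RPC dynamic" bucket indicate the high RPC range is blocked, while "unlisted" rows are candidates to leave closed unless a specific service is shown to need them.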