Trust Relationship vs AD between Firewall
Posted by e_sheridan on March 5th, 2004


Hi
We want to have 2 forests (W2K) with a one-way trust relationship through a firewall (customer demand).
So I have a list of ports found in TechNet article KB 280132 (I think this article provides some good information on AD communication).
---------------------------------------------------------------
• Open ports for Active Directory communication
  TCP port 389 for LDAP to Directory Service
  UDP port 389 for LDAP to Directory Service
  TCP port 3268 for LDAP to Global Catalog Server
  TCP port 88 for Kerberos authentication
  UDP port 88 for Kerberos authentication
• Open the ports required for access to the DNS server:
  TCP port 53
  UDP port 53
• Open the appropriate ports for RPC communication
  TCP port 135 - RPC endpoint mapper
  TCP ports 1024+ - RPC service ports (*)
  TCP port 445 - Netlogon
• Open the ports required for RDP (Terminal Services Client)
  TCP port 3389
---------------------------------------------------------------
So, if A trusts B (user... DC(B) --- will relay authentication to ---> DC(A) ...resource).
So I am searching for information to create explicit rules in the firewall:
which ports must be opened/closed between the forests, on both sides or on one side of the firewall.
For example:
which ports can be opened on both sides or on one side, and on which side (A-p53 -> B-p53) or (A-p53 <--> B-p53)...
and the same for every port listed below.

Thanks for your help or reference library (technet, or other)

Eric Sheridan

Posted by Dave Shaw [MVP] on March 5th, 2004


If you use IPSec in tunnel mode, you won't have to open as many ports and
you can configure the firewall rules much easier.

-ds


"e_sheridan" <anonymous@discussions.microsoft.com> wrote in message
news:FF011B92-33AB-4A6F-8585-2C07CB345CEA@microsoft.com...
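As an added illustration (not code from either poster), the port list quoted in the question can be turned into explicit, directional firewall rules and set beside the IPsec tunnel-mode alternative from the reply. Which side initiates each connection is left as a parameter, since the thread does not settle it; the DC(A)/DC(B) labels, the rule syntax, the 16-port "wide range" threshold and reading "1024+" as 1024-65535 are assumptions for illustration.

```python
# Added example, not from either post: turn the KB 280132 port list quoted in
# the question into directional firewall rules and compare it with the IPsec
# tunnel-mode alternative from the reply. The DC(A)/DC(B) labels, the rule
# syntax and reading "1024+" as 1024-65535 are assumptions for illustration.
from dataclasses import dataclass

# Constructed from the list in the question: (proto, port spec, service).
AD_PORTS = [
    ("tcp", "389", "LDAP"), ("udp", "389", "LDAP"),
    ("tcp", "3268", "LDAP to Global Catalog"),
    ("tcp", "88", "Kerberos"), ("udp", "88", "Kerberos"),
    ("tcp", "53", "DNS"), ("udp", "53", "DNS"),
    ("tcp", "135", "RPC endpoint mapper"),
    ("tcp", "1024+", "RPC dynamic service ports"),
    ("tcp", "445", "Netlogon"),
]
@dataclass(frozen=True)
class Rule:
    src: str      # side that opens the connection, e.g. "DC(A)"
    dst: str      # side that listens, e.g. "DC(B)"
    proto: str    # "tcp", "udp" or "esp" (port-less)
    first: int    # first destination port, 0 when port-less
    last: int     # last destination port (== first for a single port)
    service: str

def parse_port(spec: str) -> tuple[int, int]:
    """'389' -> (389, 389); '1024+' -> (1024, 65535)."""
    if spec.endswith("+"):
        return int(spec[:-1]), 65535
    return int(spec), int(spec)

def build_rules(src: str, dst: str, both_ways: bool = False) -> list[Rule]:
    """One allow rule per entry from src to dst; a stateful firewall is
    assumed, so replies need no rule. both_ways adds the mirrored set."""
    pairs = [(src, dst), (dst, src)] if both_ways else [(src, dst)]
    return [Rule(s, d, p, *parse_port(spec), svc)
            for s, d in pairs for p, spec, svc in AD_PORTS]

def ipsec_rules(src: str, dst: str) -> list[Rule]:
    """IPsec tunnel between the DCs: only IKE (UDP 500) and ESP (IP proto 50)."""
    return [Rule(src, dst, "udp", 500, 500, "IKE"),
            Rule(src, dst, "esp", 0, 0, "ESP, IP protocol 50")]

def render(rules: list[Rule]) -> list[str]:
    """One text line per rule; ranges wider than 16 ports get a REVIEW tag."""
    out = []
    for r in rules:
        ports = "-" if r.proto == "esp" else (
            str(r.first) if r.first == r.last else f"{r.first}-{r.last}")
        flag = "   # REVIEW: wide range" if r.last - r.first > 16 else ""
        out.append(f"allow {r.proto} {r.src} -> {r.dst} dport {ports} ({r.service}){flag}")
    return out
```

Rendering `build_rules("DC(A)", "DC(B)")` lists ten rules with the RPC dynamic range tagged for review; rendering `ipsec_rules` for the same pair shows the two-rule alternative the reply refers to.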


