I found it hard to find a definitive list on the internet for what ports needed opening for Active Directory to replication between Firewalls. Here are my findings and all is working so, hope this helps someone else.
| |
TCP |
UDP |
ICMP |
| RDP |
Remote Desktop |
3389 |
|
|
| DNS |
DNS Download |
53 |
|
|
| DNS Queries |
|
53 |
|
| WINS Replication |
WINS |
42 |
|
|
| WINS |
|
42 |
|
| ICMP |
echo-request |
|
|
8 |
| info-request |
|
|
15 |
| mast request |
|
|
17 |
| timestamp |
|
|
13 |
| NetBIOS Services |
Name Resolution Service |
137 |
137 |
|
| Datagram Services (Browsing) |
|
138 |
|
| Session Service (net use) |
139 |
|
|
| SMB |
Input |
445 |
|
|
| Output |
|
445 |
|
| Remote Storm |
|
1025 |
|
|
| NTP |
NTP |
123 |
|
|
| NTP |
|
123 |
|
| Content Replication |
Content_Repl |
507 |
|
|
| Kerberos |
Kerberos-Secure |
|
750 |
|
| Kerberos_v5 |
88 + 464 |
|
|
| Kerberos_v5 |
|
88 + 464 |
|
| LDAP |
LDAP |
389 |
|
|
| LDAP |
|
389 |
|
| LDAP over SSL/TLS |
636 |
636 |
|
| Global Catalog |
3268 |
|
|
| Global Catalog over SSL/TSL |
3269 |
|
|
| Replication |
Active Directory |
RPCSS Dynamic |
|
|
| FRS |
RPCSS Dynamic |
|
|
| Microsoft CIFS |
Microsoft-CIFS (DS) |
445 |
|
|
| Microsoft-CIFS (DS) |
|
445 |
|
| RPC – Cert Services (+) |
RPC |
135 |
|
|
| SNMP |
SNMP Agent |
|
161 |
|
| SNMP Trap |
162 |
|
|
| ASP.Net State Service |
|
42424 |
|
|
| Link State Algorithm Routing |
|
691 |
|
|
| TCP – High Ports (Cert Services) |
> 1023 |
1024 - 65535 |
|
|