KB21482 - Ports need to be open in the Firewall if you need to configure Active Directory (AD) Authentication Server in PCS


Information

 
Last Modified Date: 8/1/2015 7:15 PM
Synopsis
For authentication, PCS needs to communicate with the authentication server. Pulse Connect Secure and firewalls can be placed in the network in various modes, as explained in KB10162 - Determine Topology and Connect the SSL VPN(s) to the network.

In some instances, traffic from the PCS is filtered by the firewall before it can reach the authentication server (i.e. DMZ to Internal LAN). In that case, the following ports need to be open in the firewall so that communication is not interrupted.
 
Problem or Goal
Which ports need to be open in the firewall (Route: DMZ to Internal LAN) so that communication for authentication purposes is not interrupted?
Cause
Solution
  1. Kerberos – Port 88 (TCP and UDP)
  2. User and machine authentication, replication and trust - Port 464 (TCP and UDP)
  3. LDAP and CLDAP - Port 389 (TCP and UDP)
  4. LDAPS - Port 636 (TCP)
  5. SMB - Port 445 (TCP and UDP)
  6. RPC - Port 135 (TCP)
  7. Dynamic port range - 49152 through 65535 (TCP)
For more information, refer to the following link: https://technet.microsoft.com/en-us/library/Dd772723(v=WS.10).aspx
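The following is an added example, not part of the original article or any Pulse Secure tooling: it checks an exported DMZ-to-LAN rule set against the port list above using first-match evaluation, so a required port that is missing or shadowed by an earlier deny is reported. The rule format, the `any` protocol keyword, the short service labels and the IP addresses are assumptions constructed for illustration.

```python
from ipaddress import ip_address, ip_network

# Solution list above: (service, first port, last port, protocols)
REQUIRED = [
    ("Kerberos", 88, 88, ("tcp", "udp")),
    ("Auth/replication/trust", 464, 464, ("tcp", "udp")),
    ("LDAP/CLDAP", 389, 389, ("tcp", "udp")),
    ("LDAPS", 636, 636, ("tcp",)),
    ("SMB", 445, 445, ("tcp", "udp")),
    ("RPC", 135, 135, ("tcp",)),
    ("Dynamic range", 49152, 65535, ("tcp",)),
]

def decide(rules, proto, port, src, dst):
    """First matching rule wins; no match falls through to default deny."""
    for r in rules:
        if (r["proto"] in (proto, "any")
                and r["ports"][0] <= port <= r["ports"][1]
                and ip_address(src) in ip_network(r["src"])
                and ip_address(dst) in ip_network(r["dst"])):
            return r["action"]
    return "deny"

def blocked(rules, pcs_ip, dc_ip):
    """Return (service, protocol, blocked port count) for every gap."""
    gaps = []
    for name, lo, hi, protos in REQUIRED:
        for proto in protos:
            n = sum(decide(rules, proto, p, pcs_ip, dc_ip) != "allow"
                    for p in range(lo, hi + 1))
            if n:
                gaps.append((name, proto, n))
    return gaps

# Constructed sample: PCS internal port 10.10.0.5 (DMZ), domain controller 192.168.1.10
PCS, DC = "10.10.0.5", "192.168.1.10"
SAMPLE_RULES = [
    {"action": a, "proto": p, "ports": (lo, hi), "src": PCS + "/32", "dst": DC + "/32"}
    for a, p, lo, hi in [
        ("allow", "any", 88, 88), ("allow", "tcp", 389, 389),
        ("allow", "tcp", 636, 636), ("allow", "tcp", 445, 445),
        ("allow", "tcp", 135, 135),
        ("deny", "tcp", 50000, 50999),   # earlier deny shadows part of the range
        ("allow", "tcp", 49152, 65535),
    ]
]

if __name__ == "__main__":
    for service, proto, count in blocked(SAMPLE_RULES, PCS, DC):
        print(f"{service}: {proto} blocked on {count} port(s)")
```

Scoping each allow rule to the PCS internal port address and the specific domain controllers, as the sample rules do, keeps the dynamic range from being open to the whole internal LAN.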
Created By: Data Deployment
