mercredi 20 octobre 2010

[Ports used] DirectAccess

On the posts related to network flux here's DirectAccess or DA.

Warning:

Using NAT is not supported in this case:
  • On public address of the server / WAN network card and if the gateway are not deployed on Windows Server 2012
PortProtocolRemark
Forefront UAG Mobile user (IPv4)
AllICMPv4~
AllICMPv6IPv6
41Protocol6to4
443TCPIP-HTTPS
3544UDPTeredo

Forefront UAG Mobile user (IPv6)
AllICMPv6~
50ProtocolESP-protected payload
500UDPIKE and AuthIP traffic

Forefront UAG LAN
41ProtocolISATAP
AllICMPv4~
AllICMPv6~

Forefront UAG NAP
1645UDPLegacy RADIUS Authentication and Authorization
1646UDPLegacy RADIUS Accounting
1812UDPRADIUS Authentication and Authorization
1813UDPRADIUS Accounting

Forefront UAG DNS
53UDP~

Forefront UAG Authentication
88TCP and UDPKerberos
135TCPRPC call
137UDPNetBios Session
138UDPNetBios Datagram
139TCPRPC NT 4.0
389TCP and UDPLDAP
445TCP and UDPCIFS Share
464TCP and UDPKerberos Password v5 authentication
636TCPLDAPS
1024 ~ 5000TCPRPC services (Windows 2003 series)
49152 ~ 65535TCPRPC services (Windows 2008 series)
3268 and 3269TCPAD global catalog

Forefront UAG SCCM
67 and 68TCP and UDPPXE - DHCP
69UDPPXE - TFTP
135TCPManager Console - RPC listener
2701 and 2702TCP and UDPManager Console - Remote control
4011UDPPXE - BINL
8530TCPSoftware Update Point
8531TCPSoftware Update Point (SSL)
63 000 ~ 64 000TCPDistribution Point - Multicast

Forefront UAG Miscellaneous
9UDPWake on LAN
80TCP~
443TCP~
445TCPFile sharing
3389TCPRemote desktop

[Update]: thanks to Benoît SAUTIERE who notice me about the missing ports for Windows 2008 domain controller.

Aucun commentaire:

Enregistrer un commentaire