OSEC

 
Subject: Firewall ports
From: Gene Gomez (ggomezVERANCE.COM)
Date: Wed Jun 21 2000 - 15:33:11 CDT


Hey all,
I'm setting up a firewall (most likely going to be the Watchguard Firebox
II) to protect my corporation's core network from our public one. One issue
is the Exchange Server (5.5 SP3, on Windows 2000).
Which ports should I open so that user names can be authenticated to the
Windows 2000 AD domain inside the corporate network? When I am running
Terminal Services to the machine, I get this from netstat:

<begin_paste>
Active Connections

  Proto Local Address Foreign Address State
  TCP <mail_srv>:3389 <my_machine>:1033 ESTABLISHED
  TCP <mail_srv>:3389 <my_machine>:1272 ESTABLISHED
  TCP <mail_srv>:3749 <domain_controller>:1026 ESTABLISHED
  TCP <mail_srv>:3752 <domain_controller>:netbios-ssn ESTABLISHED
  TCP <mail_srv>:3760 <domain_controller>:epmap TIME_WAIT
<end_paste>

After logging into OWA, I get:

<begin_paste>
Active Connections

  Proto Local Address Foreign Address State
  TCP <mail_srv>:https <my_machine>:1312 TIME_WAIT
  TCP <mail_srv>:https <my_machine>:1313 ESTABLISHED
  TCP <mail_srv>:https <my_machine>:1315 ESTABLISHED
  TCP <mail_srv>:3389 <my_machine>:1033 ESTABLISHED
  TCP <mail_srv>:3389 <my_machine>:1272 ESTABLISHED
  TCP <mail_srv>:3749 <domain_controller>:1026 TIME_WAIT
  TCP <mail_srv>:3752 <domain_controller>:netbios-ssn ESTABLISHED
  TCP <mail_srv>:3760 <domain_controller>:epmap TIME_WAIT
  TCP <mail_srv>:3764 <domain_controller>:1026 ESTABLISHED
<end_paste>

So, besides allowing return traffic, it seems that I have to open TCP 1026
for at least the OWA portion to work. It looks like it might be a good idea
to allow netbios-ssn and epmap, as well.
Anyone know what netbios-ssn and epmap do? Or even better, their port
numbers? I know that I'll have to open port 389 (for the Active Directory
Connector) as well. Anything else I'm missing? All I really need to worry
about is user authentication and the Exchange Server should run itself,
correct?

-Gene