Printable View
Can anyone give me some ideas on firewall ports for DCs/PCs between offices? I have configured, DC to any DC, between offices, PC <Block> remote offices, and well configured the ADSS, which is the mapped DC and Subnets to related site. But I found that PC usually go to found other DCs. I dont have idea on that and I am not able to simulate the case. Thanks for any assitance.
You can try to take a look at the below links for DC to DC communication via a firewall:
http://support.microsoft.com/kb/555381
http://support.microsoft.com/?kbid=179442
http://support.microsoft.com/?kbid=154596
You will need to also ensure that you have proper AD site and subnet configuration. The client will look for a local DCs inside the same site based on your subnet configuration inside AD sites and services.
To establish a domain trust or a security channel across a firewall, the following ports must be opened. Be aware that there may be hosts functioning with both client and server roles on both sides of the firewall. Therefore, ports rules may have to be mirrored. For more information, visit this page here - http://support.microsoft.com/kb/179442/en-us