Alexander’s Blog

Here are some of the ports that you will need to open (on both ends) if you want to configure a domain trust across the firewall.

The following ports need to be opened if you have once of the following:

1. A mixed mode domain with either NT domain controllers or legacy clients
2. Trust relationship between two Win2K-based or between two Win2K3-based domain controllers that are not in the same forest

In addition, you should also allow Internet Control Message Protocol (ICMP). This is necessary for Active Directory to work properly. Clients will use ICMP across the firewall to receive Group Policies. ICMP is used to determine whether the link is slow or a fast link, which is a setting you can configure in a Group Policy. ICMP is also used to detect Maximum Transfer unit (MTU). Because ICMP is directly hosted by the IP layer it doesn’t use a specific TCP or UDP port. What you need to do is to configure the firewall to allow ICMP but for security purposes you can always configure the firewall to allow ICMP only from the clients to the the domain controller’s IP.

Needless to say, you can always configure a Virtual Private Network (VPN) across the Internet or across a firewall so you don’t have to open so many ports. For PPTP you will configure TCP Port 1723 and Protocol ID 47 (GRE). On the client side you need to open TCP ports 1024-65535.

There are a few additional things that you need to know. Microsoft addresses these in a KB article Q179442.

Apple Computer Inc. chief executive Steve Jobs introduced a long-anticipated music-playing cell phone on Wednesday and surprised the faithful with a new pencil-thin iPod. The phone, called the ROKR and made by Motorola Inc., will come loaded with iTunes software, store up to 100 songs and include a color display screen and a built-in camera.

The new iPod, called the Nano, replaces the iPod Mini. In contrast with the Mini, which is hard drive-based, the Nano relies on flash memory, making it lighter and more energy-efficient. One-third the size of the Mini, the Nano weighs about 1.5 ounces and will fit into a breast pocket. Apple says it can store up to 1,000 songs or 25,000 photos.

“Nano is the biggest revolution since the original iPod,” Jobs crowed at an event for journalists and invited guests. “It’s impossibly small. … It’s thinner than a No. 2 pencil.” Besides music, the Nano features games, photo storage and a calendar. It also has a “screen lock” feature that allows no one except the user to access content.

A 4-gigabyte Nano will retail for $249, and a 2-gigabyte model will sell for $199. The devices will be in stores as soon as Thursday and are likely to be widely available by the weekend, Apple said.

More info…