How can I create a domain trust through a firewall?

John Savill

January 8, 2000

1 Min Read
ITPro Today logo in a gray background | ITPro Today

A. When creating trust relationships communications between the twodomains is carried out over a number of protocols with each protocol usingdifferent TCP/IP port. Below is a list of ports which need to be enabled on thefirewall for a trust relationship:

  • PORT 135 (TCP or UDP) for Remote Procedure Call(RPC)Service

  • PORT 137 (UDP) for NetBIOS Name Service

  • PORT 138 (UDP) for NetBIOS datagram (Browsing)

  • PORT 139 (TCP) for NetBIOS session (NET USE)

  • ALL PORTS above 1024 for RPC Communication

You may use LMHOSTS for name resolution (which would have #pre #dom entriesfor the domain controllers) or WINS can be used which requires:

  • PORT 53 (TCP and UDP) for DNS

  • PORT 42 (TCP and UDP) for WINS Replication

Alternatively, a trust can be established through point-to-point tunneling protocol (PPTP). For PPTP, the following ports must be enabled:

  • PORT (TCP) 1723 for PPTP

  • IP PROTOCOL 47 (GRE)

If you only wish to perform management through a firewall and/or RRAS you canonly allow TCP any-139, TCP 139-any and UPD 138-138 through the firewall. Alsoallow UDP 137-137 to the WINS Servers. This allows all the remote managementtools to run from the management NT Workstations.

Also see the following knowledge base articles:

  • Q167128SMS: Network Ports Used by Remote Helpdesk Functions

  • Q174395Event ID 4202 Attempting WINS Replication across Router

About the Author

John Savill

John Savill

https://savilltech.net

See more from John Savill
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

You May Also Like

Editor's Choice

the interface of the PowerShell search tool with a hand holding a magnifying glass on a background of a blue sky and clouds in the shape of gears
PowerShell
How I Built My Own PowerShell Multi-File Search Tool
How I Built My Own PowerShell Multi-File Search Tool

Oct 22, 2024

burnout gif featuring a mannequin surrounded by office technology on fire
Career Tips
Am I Burned Out? How To Identify and Address Burnout in IT
Am I Burned Out? How To Identify and Address Burnout in IT

Oct 24, 2024

MLOps
Ops and More
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?

Oct 23, 2024

Exclusive ITPro Resources
See all ITPro Resources

Featured Technical Explainers

AI chip
Cloud Computing
Cloud vs. On-Prem AI Accelerators: Choosing the Best Fit for Your AI Workloads
Cloud vs. On-Prem AI Accelerators: Choosing the Best Fit for Your AI Workloads
SaaS concept on a tablet
Cloud Computing
Why SaaS Backup Matters: Protecting Data Beyond Vendor Guarantees
Why SaaS Backup Matters: Protecting Data Beyond Vendor Guarantees
DevOps logo on top of code
DevOps
DevOps: Key to Faster, More Efficient Government Software Development
DevOps: Key to Faster, More Efficient Government Software Development
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

Recent What Is

cartoon shows a person next to a checklist and several icons that represent disaster scenarios
Disaster Recovery
BCDR Basics: A Quick Reference Guide for Business Continuity & Disaster RecoveryBCDR Basics: A Quick Reference Guide for IT Pros
technology interface with a person's hand drawing gears and cogs
PowerShell
Introduction To PowerShell Environment VariablesIntroduction To PowerShell Environment Variables