Need a port for Trusted Domain

I m trying to make trusted relatioship between two windows 2003 servers ,
one server "damasco" is conected directly to the DSL Modem
and the other is behind a WRT54G router, i need to map a port for make the
trusted domain???

when i use the trusted relationship can not continue
Thanks by any help

Alejandro Carnero

In news:(E-Mail Removed),
alecarnero <(E-Mail Removed)> requesting assistance, typed the
following:
> I m trying to make trusted relatioship between two windows 2003
> servers , one server "damasco" is conected directly to the DSL Modem
> and the other is behind a WRT54G router, i need to map a port for
> make the trusted domain???
>
> when i use the trusted relationship can not continue
> Thanks by any help
>
> Alejandro Carnero


There are over 29 ports besides the ephemeral ports (UDP >1023) that need to
be open for domain communication (trusts and more) to work.

Also, it will not work across a NAT. Nat cannot translate the RPC, Kerberos
and LDAP calls. Remember, NAT translates packets, and RPC for one, is
encrypted, therefore it cannot read it to translate it. If the WRT54G is set
to NAT (they are be default), it will NOT work unless you configure a VPN
tunnel through it.

If it is setup to route, and not NAT, and you will need to open up all the
ports. Read the following article please to get a better understanding of
what is required. Ignore the fact it's titled Windows 2000, for it is the
same with 2003 and 2008.

Active Directory Replication over Firewalls
http://technet.microsoft.com/en-us/l.../bb727063.aspx

--�
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer

For urgent issues, you may want to contact Microsoft PSS directly.
Please check http://support.microsoft.com for regional support phone
numbers.

Infinite Diversities in Infinite Combinations

alecarnero <(E-Mail Removed)> wrote:
> I m trying to make trusted relatioship between two windows 2003
> servers , one server "damasco" is conected directly to the DSL Modem
> and the other is behind a WRT54G router, i need to map a port for
> make the trusted domain???
>
> when i use the trusted relationship can not continue
> Thanks by any help
>
> Alejandro Carnero

Set up a VPN tunnel between them. As Ace points out, it isn't "a port."
I'd recommend getting two compatible firewall appliances (I like Sonicwalls)
for security & to make the IPSEC VPN connection. Ditch the Netgear and don't
have anything connected directly into the DSL modem - have the ISP disable
NAT and filtering once you've got your own firewall appliance in place.

My favorite Steve Riley line in the article:

--Turns the firewall into "Swiss cheese"--

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

In news:Oefug%(E-Mail Removed),
Phillip Windell <(E-Mail Removed)> requesting assistance, typed the
following:
> My favorite Steve Riley line in the article:
>
> --Turns the firewall into "Swiss cheese"--

I use that too!! LOL. It's the truth!

Ace