Portopening for memberserver running in DMZ?

NethServer Version: 7.9


I have a Nethserver who is acting as Active Directory local accounts provider and would like to bind a 2nd Nethserver running in a different subnent (DMZ) as a memberserver…

Is this possible and which port(s) do I have to open on the IPFire Firewall (DMZ > LAN)?




The list of ports needed for a working AD is MUCH more than 20!
It’s generally MUCH better to use a site2site VPN.
Encryption on AD stuff is not very high, so it’s also a security issue.

Sorry, I misread the DMZ bit, thought you meant a different site.

My 2 cents

You can find a list of used ports in the Samba wiki.