Portopening for memberserver running in DMZ?

fausp · May 2, 2022, 5:37pm

NethServer Version: 7.9

Hi,

I have a Nethserver who is acting as Active Directory local accounts provider and would like to bind a 2nd Nethserver running in a different subnent (DMZ) as a memberserver…

Is this possible and which port(s) do I have to open on the IPFire Firewall (DMZ > LAN)?

Andy_Wismer · May 2, 2022, 5:50pm

@fausp

Hi

Port?

The list of ports needed for a working AD is MUCH more than 20!
It’s generally MUCH better to use a site2site VPN.
Encryption on AD stuff is not very high, so it’s also a security issue.

Sorry, I misread the DMZ bit, thought you meant a different site.

My 2 cents
Andy

mrmarkuz · May 2, 2022, 9:29pm

You can find a list of used ports in the Samba wiki.