1) Identify the ports that need to be opened:
In our CUST domain, the ports used for Active Directory are listed in the article "What firewall ports are used by Active Directory?". However, that list assumes the RPC port has been configured as a static port; in our CUST domain it has been set to TCP 1025. A default AD installation uses TCP ports above 1023, but you can set a static RPC TCP port by following the instructions in "Active Directory Static RPC Port" on each domain controller.
The above chart assumes you have configured the static RPC port as TCP 1025 instead of the default TCP ports above 1023.
2) Where to open the firewall:
- For a hybrid cloud setup, you will need to open the ports on the Cloud firewall (Cloud GUI) as well as on the firewall on the Ash01 (Standard Text through networking Team) side.
- If you have two networks in the cloud (DMZ and Trust), open the firewall for each network.
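
A reachability check to run from a host in each network once the rules are in place (added example, not part of the original procedure). The domain controller names are placeholders, and every port other than 1025 is an assumption taken from the commonly documented Active Directory TCP ports, so replace the list with the one from the chart.

```powershell
# Added example: TCP reachability check toward each domain controller.
# Run it once from a host in every network that must reach AD (e.g. DMZ and Trust).
# Hypothetical DC names; replace with the CUST domain controllers.
$DomainControllers = @('dc01.cust.example', 'dc02.cust.example')

# Assumed TCP port list (commonly documented AD ports); 1025 is the static RPC
# port from this page. UDP ports are not covered by this check.
$TcpPorts = @(
    @{ Port = 53;   Service = 'DNS' }
    @{ Port = 88;   Service = 'Kerberos' }
    @{ Port = 135;  Service = 'RPC endpoint mapper' }
    @{ Port = 389;  Service = 'LDAP' }
    @{ Port = 445;  Service = 'SMB' }
    @{ Port = 464;  Service = 'Kerberos password change' }
    @{ Port = 636;  Service = 'LDAPS' }
    @{ Port = 1025; Service = 'Static RPC' }
    @{ Port = 3268; Service = 'Global catalog' }
    @{ Port = 3269; Service = 'Global catalog over TLS' }
)

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs = 2000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Wait() returns $false on timeout and throws if the connection is refused.
        $task = $client.ConnectAsync($ComputerName, $Port)
        return ($task.Wait($TimeoutMs) -and $client.Connected)
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

$results = foreach ($dc in $DomainControllers) {
    foreach ($entry in $TcpPorts) {
        [pscustomobject]@{
            DomainController = $dc
            Port             = $entry.Port
            Service          = $entry.Service
            Reachable        = Test-TcpPort -ComputerName $dc -Port $entry.Port
        }
    }
}

$results | Format-Table -AutoSize
$blocked = @($results | Where-Object { -not $_.Reachable })
if ($blocked.Count -gt 0) {
    Write-Warning "$($blocked.Count) port(s) unreachable; check the firewall on each side of the path."
}
```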