Meraki

DarezHardware · ‎May 4 2022

Has anyone successfully setup any kind of firewall rules to lock down active directory. I've tried the ports on a few articles and I think I may have it but now I'm getting an RPC error when trying to add a computer. Does anyone have any insight on this I can't seem to get this to work correctly?

The ports I currently have open are - 53,88,389,3268,445,123,135

DarezHardware · ‎May 5 2022

Ended up doing a packet capture thank you for that, found it really really wants the RPC ports open, you can apparently tighten these up to a range of 1000 but I don't have time for now to do that on all our servers. You need the ranges I mentioned above on both UDP and TCP + the range of 49152-65535

So the ports required in order for the default configuration of Active directory to work are - TCP & UDP 53,88,389,3268,445,123,135, & 49152-65535

View solution in original post

Brash · ‎May 4 2022

Quick check of the Microsoft doco shows you've covered most of the ports.
Can you run a packet capture (on whichever Meraki device is most applicable in your network) to see which other ports the PC is attempting to communicate to the DC?

DarezHardware · ‎May 5 2022

Ended up doing a packet capture thank you for that, found it really really wants the RPC ports open, you can apparently tighten these up to a range of 1000 but I don't have time for now to do that on all our servers. You need the ranges I mentioned above on both UDP and TCP + the range of 49152-65535

So the ports required in order for the default configuration of Active directory to work are - TCP & UDP 53,88,389,3268,445,123,135, & 49152-65535

Meraki

Community

L3 Firewall rules for Active Directory

L3 Firewall rules for Active Directory