How to Configure a Firewall for Windows NT and Trusts

 Last reviewed: February 9, 1998
Article ID: Q179442
The information in this article applies to:
  • Microsoft Windows NT Server versions 4.0

SUMMARY

To establish a domain trust relationship across a firewall, the following ports must be enabled: 

   PORT 135 (TCP or UDP) for Remote Procedure Call(RPC)Service
   PORT 137 (UDP) for NetBIOS Name Service
   PORT 138 (UDP) for NetBIOS datagram (Browsing)
   PORT 139 (TCP) for NetBIOS session (NET USE)
   ALL PORTS above 1024 for RPC Communication
Name Resolution can be provided through an LMHOSTS file. For additional information on browsing with LMHOSTS, please see the following article in the Microsoft Knowledge Base: 

   ARTICLE-ID: Q150800
   TITLE     : Domain Browsing with TCP/IP and LMHOSTS Files
Alternatively, a trust can be established through point-to-point tunneling protocol (PPTP). For PPTP, the following ports must be enabled: 

   PORT (TCP) 1723 for PPTP
   IP PROTOCOL 47 (GRE)

MORE INFORMATION

In addition, administration applications (such as DHCP Manager and WINS Manager) typically use randomly assigned RPC ports.

Additional query words: tcpip
Keywords : ntdomain NTSrv
Version : WinNT:4.0
Platform : winnt
Hardware : x86
Issue type : kbinfo

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

Last reviewed: February 9, 1998
© 1998 Microsoft Corporation. All rights reserved. Terms of Use.