Longhorn Server will have the Windows Firewall ON by default

Published 18 August 06 08:35 AM | MS NAP Team 

Did you know that the Windows Firewall will be on by default in future Longhorn Server releases? This has impact to you, when you install the any of the Networking related server roles in your NAP deployments you will have to make sure that the ports necessary for those servers to operate are open on the firewall.

 

In the case of the Network Policy Server (NPS) the following ports are used to receive requests:

 

UDP:1645 – Legacy RADIUS Authentication and Authorization

UDP:1646 – Legacy RADIUS Accounting

UDP:1812 – RADIUS Authentication and Authorization

UDP:1813 - RADIUS Accounting

 

While it needs to make outbound requests using:

TCP:389 – Lightweight Directory Access Protocol (LDAP)

 

Depending on the RADIUS clients you are communicating with you may only need to enable the “non-Legacy” inbound ports.

 

We are looking at ways we can have these settings created for you automatically when you install the component as well as dynamically updating them if they change, but in the mean time I suggest that if you’re not already running this way consider doing it; this is a great way to mitigate some of the risks of operating a server.

 

Tell us what you think about this change.

 

Ryan M. Hurst

Lead Program Manager

Layer 2 Authentication and Authorization

Windows Enterprise Networking

Comments

# trustedaccess: Microsoft said on September 25, 2006 8:13 PM:
Here's a quick list of interesting NAP and Domain/Server Isolation related links from Microsoft for
# travelling without moving said on November 30, 2006 8:31 PM:

Here's a quick list of interesting NAP and Domain/Server Isolation related links from Microsoft for

# The Short NAP: September 25th 2006 | stealthpuppy.com said on May 26, 2007 11:07 PM:

PingBack from http://blog.stealthpuppy.com/access-control/speedlinking-nap-and-domain-isolation-round-up-2

New Comments to this post are disabled
Page view tracker