Firewall Ports Domain Controller to Clients

Question

I am working on the segmentation of a network. Domain controllers and clients are located in different VLANs and are separated by a hardware firewall. Many ports must be opened for communication in the domain. In my opinion, most of the required ports are inbound on the domain controller side, so that clients can establish connections to the DC.

What I want to know is: Do I need to explicitly open ports inbound on the client side for the domain to work properly?

Inbound ports do not typically need to be opened on the client side for communication initiated by the client. — joeqwerty, Aug 10 '22 at 22:13

score 2 · Accepted Answer · answered Aug 10 '22 at 17:41

2

You do not. Ports only need to be opened from Client to Server for Active Directory Authentication.

answered Aug 10 '22 at 17:41

Abu Zaid

499
2
6

Firewall Ports Domain Controller to Clients

1 Answers1