Ports need to be opened on a firewall to support IWA-Direct

book

Article ID: 167358

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

Customer is deploying IWA-Direct and want to know the ports to be opened in firewall for allowing this communication

Resolution

IWA Direct communicates directly with Active Directory using standard Domain Controller protocols. The following network protocols will need to be permitted on any firewall that exists between the ProxySG and the domain controller infrastructure.

Port

Protocol

UDP/TCP (88)

(If UDP is blocked, TCP will be used)

Kerberos

UDP/TCP (53)
(If DNS response is big for a single UDP packet, TCP based DNS will be used)

DNS

UDP/TCP (389, 3268)

LDAP

TCP (445)

SMB