ACS and Windows 2000 user database communication port

gary-chen · ‎11-18-2005

Could my Windows 2000 SP4 + ACS v3.23 can install any new Windows 2000 service pack ?

I'm affraid to infect ACS Service.

So, I want to install firewall on this server to block malicious traffic.

However, my ACS used external user database Windows 2000 for authentication.

Who can tell me What protocols or port list they are communication?

I have to avoid these traffic on my firewall.

s.elmrabet · ‎11-18-2005

Dear Chen

What do you meen by external user database is it active directory or database on database server?

so if you use active directory the SP will not affect your database because yous ACS is bellonging to a domain!! please give more clear idea

Regards

gary-chen · ‎11-19-2005

Well, my CiscoSecure ACS on Server-1 (Windows 2000) to forward authentication of wireless client users to Server-2 (Windows 2000 with AD).

My first question is Server-1 can install any new Service Pack in the future?

No any one sure.

So I want to install FW or other secure software to protect Server-1 , but can't infect between Server-1 and Server-2 communication, this is my second question:What communication protocols or ports they are use ?

Regards,

s.elmrabet · ‎11-19-2005

Hi cheng

I think you can install any servie pack without problem and the SP4 is the latest one for WIN2000 and you server already has this SP

For your second question you need to specify many protocols according to your active directory config in this link you can find a list of this protocols and the best way is to make debug or logging or use a siniffer to know the exactly protocols flow between your ACS and AD server

http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/deploy/confeat/adrepfir.mspx

Best Regards

gary-chen · ‎11-20-2005

Yes, Siniffer is my last method if nobody knows their protocols.

I'll refer your "Active Directory Replication over Firewalls" articl to analyze their communication.

Regards,

Gary Chen