The following table lists the port usage for common protocols operating on servers running Active Directory in a network.
Table: Network Port Usage for Active Directory Services
Service | Protocol | Src. port | Dest. port | Src. addr. | Dest. addr. | Action |
---|---|---|---|---|---|---|
DNS Client | TCP | ANY | 53 | Host IP | ANY | ALLOW |
DNS Client | UDP | ANY | 53 | Host IP | ANY | ALLOW |
SNMP Server | TCP | ANY | 161 | ANY | Host IP | ALLOW |
SNMP Server | UDP | ANY | 161 | ANY | Host IP | ALLOW |
CIFS/SMB Client | TCP | ANY | 445 | Host IP | ANY | ALLOW |
CIFS/SMB Client | UDP | ANY | 445 | Host IP | ANY | ALLOW |
CIFS/SMB Server | TCP | ANY | 445 | ANY | Host IP | ALLOW |
CIFS/SMB Server | UDP | ANY | 445 | ANY | Host IP | ALLOW |
Remote Procedure Call (RPC) Client | TCP | ANY | 135 | Host IP | ANY | ALLOW |
Remote Procedure Call (RPC) Client | UDP | ANY | 135 | Host IP | ANY | ALLOW |
RPC Server | TCP | ANY | 135 | ANY | Host IP | ALLOW |
RPC Server | UDP | ANY | 135 | ANY | Host IP | ALLOW |
FRS/AD Replication Ports Out | TCP | ANY | 57951 | Host IP | ANY | ALLOW |
FRS/AD Replication Ports Out | TCP | ANY | 57952 | Host IP | ANY | ALLOW |
FRS/AD Replication Ports In | TCP | ANY | 57951 | ANY | Host IP | ALLOW |
FRS/AD Replication Ports In | TCP | ANY | 57952 | ANY | Host IP | ALLOW |
NetBIOS Client | TCP | ANY | 137 | Host IP | ANY | ALLOW |
NetBIOS Client | UDP | ANY | 137 | Host IP | ANY | ALLOW |
NetBIOS Client | TCP | ANY | 139 | Host IP | ANY | ALLOW |
NetBIOS Client | UDP | ANY | 138 | Host IP | ANY | ALLOW |
NetBIOS Server | TCP | ANY | 137 | ANY | Host IP | ALLOW |
NetBIOS Server | UDP | ANY | 137 | ANY | Host IP | ALLOW |
NetBIOS Server | TCP | ANY | 139 | ANY | Host IP | ALLOW |
NetBIOS Server | UDP | ANY | 138 | ANY | Host IP | ALLOW |
NTP Client | TCP | ANY | 123 | Host IP | ANY | ALLOW |
NTP Client | UDP | ANY | 123 | Host IP | ANY | ALLOW |
Monitoring Client | ANY | ANY | ANY | Host IP | MOM Server | ALLOW |
LDAP Client | TCP | ANY | 389 | Host IP | ANY | ALLOW |
LDAP Client | UDP | ANY | 389 | Host IP | ANY | ALLOW |
LDAP Client | TCP | ANY | 636 | Host IP | ANY | ALLOW |
LDAP Client | UDP | ANY | 636 | Host IP | ANY | ALLOW |
Kerberos Client | TCP | ANY | 88 | Host IP | ANY | ALLOW |
Kerberos Client | UDP | ANY | 88 | Host IP | ANY | ALLOW |
Terminal Services | TCP | ANY | 3389 | ANY | Host IP | ALLOW |
Global Catalog Client | TCP | ANY | 3268 | Host IP | ANY | ALLOW |
Global Catalog Client | TCP | ANY | 3269 | Host IP | ANY | ALLOW |
Global Catalog Server | TCP | ANY | 3268 | ANY | Host IP | ALLOW |
Global Catalog Server | TCP | ANY | 3269 | ANY | Host IP | ALLOW |
DNS Server | TCP | ANY | 53 | ANY | Host IP | ALLOW |
DNS Server | UDP | ANY | 53 | ANY | Host IP | ALLOW |
Kerberos Server | TCP | ANY | 88 | ANY | Host IP | ALLOW |
Kerberos Server | UDP | ANY | 88 | ANY | Host IP | ALLOW |
LDAP Server | TCP | ANY | 389 | ANY | Host IP | ALLOW |
LDAP Server | UDP | ANY | 389 | ANY | Host IP | ALLOW |
LDAP Server | TCP | ANY | 636 | ANY | Host IP | ALLOW |
LDAP Server | UDP | ANY | 636 | ANY | Host IP | ALLOW |
NTP Server | TCP | ANY | 123 | ANY | Host IP | ALLOW |
NTP Server | UDP | ANY | 123 | ANY | Host IP | ALLOW |
ICMP | ICMP | ANY | ANY | Host IP | ANY | ALLOW |
All Inbound Traffic | ANY | ANY | ANY | ANY | Host IP | BLOCK |