Wednesday, March 16, 2016

Cross-domain login takes longer than expected (approximately 15 minutes)

Issue: Logging in to a server across domains (from a trusting domain to a trusted domain) takes longer than expected.

Checked and found that the ephemeral ports were blocked between source and destination.

The issue was resolved after opening the ports listed below on the firewall between the source and destination.

Ports list:

Client Port(s)              Server Port         Service
49152-65535/UDP             123/UDP             W32Time
49152-65535/TCP             135/TCP             RPC Endpoint Mapper
49152-65535/TCP             464/TCP/UDP         Kerberos password change
49152-65535/TCP             49152-65535/TCP     RPC for LSA, SAM, Netlogon (*)
49152-65535/TCP/UDP         389/TCP/UDP         LDAP
49152-65535/TCP             636/TCP             LDAP SSL
49152-65535/TCP             3268/TCP            LDAP GC
49152-65535/TCP             3269/TCP            LDAP GC SSL
53, 49152-65535/TCP/UDP     53/TCP/UDP          DNS
49152-65535/TCP             49152-65535/TCP     FRS RPC (*)
49152-65535/TCP/UDP         88/TCP/UDP          Kerberos
49152-65535/TCP/UDP         445/TCP             SMB
49152-65535/TCP             49152-65535/TCP     DFSR RPC (*)
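
One way to confirm this kind of blockage from the source server, as an added example that is not part of the original post: the PowerShell below tests the fixed TCP server ports from the list against a domain controller, then lists connection attempts to the DC's dynamic RPC range that are stuck in SynSent. The name dc01.trusted.example is a placeholder for a DC in the trusted domain, and UDP ports are not tested.

```powershell
# Added example; dc01.trusted.example is a placeholder for a DC in the trusted domain.
param([string]$Dc = 'dc01.trusted.example')

# Fixed TCP server ports taken from the ports list in the post.
$fixed = @(
    @{ Port = 53;   Service = 'DNS' }
    @{ Port = 88;   Service = 'Kerberos' }
    @{ Port = 135;  Service = 'RPC Endpoint Mapper' }
    @{ Port = 389;  Service = 'LDAP' }
    @{ Port = 445;  Service = 'SMB' }
    @{ Port = 464;  Service = 'Kerberos password change' }
    @{ Port = 636;  Service = 'LDAP SSL' }
    @{ Port = 3268; Service = 'LDAP GC' }
    @{ Port = 3269; Service = 'LDAP GC SSL' }
)

# TCP connect test per port; -InformationLevel Quiet returns $true or $false.
$results = foreach ($p in $fixed) {
    $ok = Test-NetConnection -ComputerName $Dc -Port $p.Port `
        -InformationLevel Quiet -WarningAction SilentlyContinue
    [pscustomobject]@{ Port = $p.Port; Service = $p.Service; Reachable = $ok }
}
$results | Format-Table -AutoSize

# Local dynamic (ephemeral) TCP range, for comparison with the firewall rule.
netsh int ipv4 show dynamicport tcp

# Connection attempts to the DC's dynamic range (49152-65535) that got no reply.
$dcIps = [System.Net.Dns]::GetHostAddresses($Dc) |
    ForEach-Object { $_.IPAddressToString }
$stuck = Get-NetTCPConnection -State SynSent -ErrorAction SilentlyContinue |
    Where-Object { $dcIps -contains $_.RemoteAddress -and $_.RemotePort -ge 49152 }

if ($stuck) {
    $stuck | Select-Object LocalPort, RemoteAddress, RemotePort, State |
        Format-Table -AutoSize
} else {
    'No SynSent connections to the DC dynamic range at this moment.'
}
```

Run the last check while a slow logon is in progress: a silently dropped SYN shows up as SynSent, whereas a firewall that answers with a reset will not.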



