This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Adam_Hutcheson
Participant
‎2017-08-14 09:41 AM

Microsoft DirectAccess - Ports

Wondering if anyone has details on how they get MS DirectAccess to work through a Checkpoint Firewall.

My set up is as follows:

1) Server in DMZ that is the DA Server.

2) NAT setup to public IP.

I am having issues getting it to pass the checks for installation - specifically Active Directory Authentication.  From what I can tell, everything appears to be in place.

Let me know what ports you opened, etc.

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
‎2017-08-14 10:45 AM

A quick Google search shows the following:

When using additional firewalls in your deployment, apply the following Internet-facing firewall exceptions for Remote Access traffic when the DirectAccess server is on the IPv4 Internet:

  • Teredo traffic—User Datagram Protocol (UDP) destination port 3544 inbound, and UDP source port 3544 outbound.

  • 6to4 traffic—IP Protocol 41 inbound and outbound.

  • IP-HTTPS—Transmission Control Protocol (TCP) destination port 443, and TCP source port 443 outbound. When the DirectAccess server has a single network adapter, and the network location server is on the DirectAccess server, then TCP port 62000 is also required.

Source: Step 1: Configure the DirectAccess Infrastructure3 

0 Kudos
Trending Discussions
Harmony mobile question
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top