Longhorn Server will have the Windows Firewall ON by default



Did you know that the Windows Firewall will be on by default in future Longhorn Server releases? This affects you: when you install any of the networking-related server roles in your NAP deployments, you will have to make sure that the ports those servers need to operate are open on the firewall.


 


In the case of the Network Policy Server (NPS) the following ports are used to receive requests:


 


UDP:1645 – Legacy RADIUS Authentication and Authorization


UDP:1646 – Legacy RADIUS Accounting


UDP:1812 – RADIUS Authentication and Authorization


UDP:1813 – RADIUS Accounting


 


It also needs to make outbound requests using:


TCP:389 – Lightweight Directory Access Protocol (LDAP)


 


Depending on the RADIUS clients you are communicating with, you may only need to enable the “non-Legacy” inbound ports.
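One way to open only the ports listed above, as an added example that is not part of the original post or any Microsoft tooling: a PowerShell wrapper around `netsh advfirewall` that enables the non-legacy RADIUS ports by default and limits each rule to known peers. The rule names, the IP addresses (constructed, from documentation ranges) and the choice to scope rules with `remoteip` are assumptions.

```powershell
# Added example (not from the original post): firewall rules for the NPS ports above.
# Assumptions: addresses are constructed (documentation ranges) and rule names are
# hypothetical. Run from an elevated PowerShell prompt on the NPS server.
$RadiusClients     = '192.0.2.10,192.0.2.11'  # access points, switches, VPN servers
$DomainControllers = '198.51.100.5'           # LDAP targets that NPS queries
$EnableLegacyPorts = $false                   # $true only if clients still use 1645/1646

$inboundPorts = '1812,1813'
if ($EnableLegacyPorts) { $inboundPorts = "1645,1646,$inboundPorts" }

function Set-NpsFirewallRule {
    param([string]$Name, [string[]]$RuleArgs)
    # Delete any earlier copy first so re-running does not stack duplicate rules.
    & netsh advfirewall firewall delete rule "name=$Name" | Out-Null
    & netsh advfirewall firewall add rule "name=$Name" @RuleArgs | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "netsh could not add rule '$Name'" }
}

# Inbound RADIUS, limited to the known RADIUS clients instead of any source.
Set-NpsFirewallRule -Name 'NPS-RADIUS-In' -RuleArgs @(
    'dir=in', 'action=allow', 'protocol=UDP',
    "localport=$inboundPorts", "remoteip=$RadiusClients"
)

# Outbound LDAP to the domain controllers. This rule only changes behaviour when
# the active profile is configured to block outbound connections by default.
Set-NpsFirewallRule -Name 'NPS-LDAP-Out' -RuleArgs @(
    'dir=out', 'action=allow', 'protocol=TCP',
    'remoteport=389', "remoteip=$DomainControllers"
)

# Show what was created so the ports and scope can be reviewed.
foreach ($rule in 'NPS-RADIUS-In', 'NPS-LDAP-Out') {
    & netsh advfirewall firewall show rule "name=$rule"
}
```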


 


We are looking at ways to have these settings created for you automatically when you install the component, as well as dynamically updating them if they change. In the meantime, if you are not already running with the firewall on, I suggest you consider doing so; it is a great way to mitigate some of the risks of operating a server.



 


Tell us what you think about this change.


 


Ryan M. Hurst


Lead Program Manager


Layer 2 Authentication and Authorization


Windows Enterprise Networking



Comments (3)

  1. Anonymous says:

    Here's a quick list of interesting NAP and Domain/Server Isolation related links from Microsoft for

  2. Anonymous says:

    Here's a quick list of interesting NAP and Domain/Server Isolation related links from Microsoft for