Configuring Windows Functionality Through A Firewall/NAT

Configuring Windows Functionality Through A Firewall/NAT
Last Updated: 18 Jul 2004
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

*** PLEASE NOTE: Link(s), If Provided, May Be Wrapped ***


The following documents provide instructions for enabling
connectivity of a single domain across firewalls or
routers, and enabling VPN traffic across a firewall or
router:


DOMAIN TRUSTS

• http://support.microsoft.com/?KBID=179442
• http://support.microsoft.com/?KBID=150543
• http://support.microsoft.com/?KBID=303503


VPN TRAFFIC

• http://www.microsoft.com/windowsserver2003/technologies/networking/vpn/
• http://www.microsoft.com/windows2000/technologies/communications/vpn/
• http://www.microsoft.com/windowsxp/home/using/productdoc/en/access_pptp.asp
• http://www.microsoft.com/ntserver/techresources/commnet/RRAS/RRAS_FAQ.asp
• http://www.microsoft.com/ntserver/ProductInfo/faqs/PPTPfaq.asp
• http://support.microsoft.com/?KBID=283628
• http://support.microsoft.com/?KBID=241251
• http://support.microsoft.com/?KBID=162847
• http://support.microsoft.com/?KBID=255784
• http://support.microsoft.com/?KBID=169890


COMMON WINDOWS PORTS

• NetBIOS ................ TCP 135, 137-139
          ................ UDP 135, 137-139

• SMB .................... TCP 445

• PPTP ................... TCP 1723
       ................... IP Protocol 47 (GRE)

• MSN Messneger
      Audio & Video ...... UDP 5004 - 65535
      App Sharing ........ TCP 1503
      File Transfer ...... TCP 6891 - 6900
      Whiteboard ......... TCP 1503
      SIP Signaling ...... TCP 5060
      RDP/Remote Asst .... TCP 3389

• UPnP ................... UDP 1900


USING MSN/WINDOWS MESSENGER THROUGH A FIREWALL

• http://www.microsoft.com/windowsxp/pro/techinfo/deployment/natfw/
• http://www.microsoft.com/windowsxp/pro/techinfo/administration/adminra/
• http://www.jsiinc.com/SUBK/tip5400/rh5484.htm
• http://messenger.msn.com/support/knownissues.asp
• http://www.nc-india.com/workshop/stories/33078.html
• http://asia.cnet.com/itmanager/tech/0,39006407,39092525,00.htm
• http://www.microsoft.com/windowsxp/expertzone/columns/bowman/december24.asp
• http://www.chebucto.ns.ca/~rakerman/port-table.html#WinMess
• http://www.smallnetbuilder.com/FAQ-9-General-8.php
• http://www.practicallynetworked.com/sharing/app_port_list.htm


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ADDITIONAL SEARCH OPTIONS (MS KB)

• http://msdn.microsoft.com/
• http://www.microsoft.com/technet/
• http://www.microsoft.com/

  ALL WORDS .............. "GRE"
  ALL WORDS .............. "PPTP"
  ALL WORDS .............. "VPN Firewall"
  ALL WORDS .............. "Messenger Firewall"
  ALL WORDS .............. "uPNP"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


PERSONAL NOTES

• For PPTP to work, you must allow the following:
	TCP 1723 (or IP Protocol 6, port 1723)
	GRE      (or IP Protocol 47)

• Many broadband routers have direct support for PPTP
  through their built-in firewalls.

• Many MSN Messenger functions require non-NAT access
  between hosts.  If NAT is used on both ends of the
  connection, then UPnP is also required with at least
  one connection, for full functionality.