-
September 28th, 2006, 02:25 PM
#1
Junior Member
Communications between Root CA and subs
Hi All
Maybe someone on here can answer a question that I can't find the answer to on TechNet (quell suprise!)
On my company's wan is a Root CA (microsoft certificate services on Win2003 Ent). This is in site A.
There will be two subordinate CA's installed in Site B and Site C (two sites on cold failover)
We have lots of firewalls in-between the Root and the subs.
Can anyone tell me what firewall ports need to be opened up between site A and B/C?
It uses V3 certs if that makes any difference.
I'm guessing TCP port 135, but I can't find any confirmation of this anywhere.
Cheers
Sean
If a packet falls in an empty network, - does it make any noise?
-
September 28th, 2006, 03:09 PM
#2
Well CA's communicate via AD replication either intra site or intersite.
If your AD replication is working then there is no problem, you dont need to open a specific port for CA comms.
We have 4 seperate sites all seperated by firewall and they communicate fine through AD replication.
Unless im missing something in your question ?
Our destiny is to endure all hardships that we encounter along the path to what we perceive to be true and worthwhile !
The Head foundation
Please give generously
-
September 28th, 2006, 03:57 PM
#3
Junior Member
Aaha! Yes, sorry, I forgot to say that the boxes aren't AD integrated.
For security reasons, they can't be on a domain.
If a packet falls in an empty network, - does it make any noise?
-
September 29th, 2006, 11:47 AM
#4
sorry i.m confused.
So you have a stand alone root CA (you cant have a enterprise root as that is depenant on AD) which should also be offline) that you want to communicate with B/C ?
What sort of communication do you want to take place and why ?
sorry if im confused
however CA serivces use RPC and DCOM to communicate so port 135 and random ports greater than 1024.
of course u wil aslo need 443 etc for SSL aswell.
Our destiny is to endure all hardships that we encounter along the path to what we perceive to be true and worthwhile !
The Head foundation
Please give generously
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|