Firewall ports are preventing group policy on clients?? - Windows NT

This is a discussion on Firewall ports are preventing group policy on clients?? - Windows NT ; I am in the process of deploying AD. I have 2 clients that work and I have reduced the problem down to the following: 1. when the firewall blocks all but ports 80 (web), 443 (ssl), 25 (smtp) the clients ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Firewall ports are preventing group policy on clients??

  1. Firewall ports are preventing group policy on clients??

    I am in the process of deploying AD. I have 2 clients that work and I
    have reduced the problem down to the following:

    1. when the firewall blocks all but ports 80 (web), 443 (ssl), 25
    (smtp) the clients will connect to the domain, but the group policy
    will not be applied to them. The clients are all Windows XP pro with
    SP2 and patches. I have one machine that the policy is applied to but
    that was previously on a test network where the firewall allowed all in
    and all out with all protocols.

    2. One of the machine which did not apply the group policy, was given a
    static IP which allowed all in and all out. This machine was rebooted
    and when we logged into the domain the group policy was applied. I
    thought it may have something to do with NTP so I allowed UDP 123 (i
    think this is for NTP) out the firewall and still no luck.

    Any help in this area would be much appreciated.

    Thanks

    Oz

    Please free to reply or email: ozkan_aziz@hotmail.com


  2. Re: Firewall ports are preventing group policy on clients?? DHCP DNS on AD group policy clients causing Group Policy not to load.

    This for anyone else experiencing this problem:

    This problem was not due to the firewall setting as initially stated.
    The problem was resolved by manually entering the primary and secondary
    DNS server IP addresses into each client.

    There was something on the microsoft web site, saying that there were
    too many hops between the clients and the DNS server, so DHCP could not
    be used. This has resolved the problem, but I can see it becoming an
    admin nightmare if I cant get DHCP to provide the DNS settings.

    ....May be it has something to do with the fact that a 515e PIX is
    providing DHCP???


    ozkan_aziz@hotmail.com wrote:
    > I am in the process of deploying AD. I have 2 clients that work and I
    > have reduced the problem down to the following:
    >
    > 1. when the firewall blocks all but ports 80 (web), 443 (ssl), 25
    > (smtp) the clients will connect to the domain, but the group policy
    > will not be applied to them. The clients are all Windows XP pro with
    > SP2 and patches. I have one machine that the policy is applied to but
    > that was previously on a test network where the firewall allowed all in
    > and all out with all protocols.
    >
    > 2. One of the machine which did not apply the group policy, was given a
    > static IP which allowed all in and all out. This machine was rebooted
    > and when we logged into the domain the group policy was applied. I
    > thought it may have something to do with NTP so I allowed UDP 123 (i
    > think this is for NTP) out the firewall and still no luck.
    >
    > Any help in this area would be much appreciated.
    >
    > Thanks
    >
    > Oz
    >
    > Please free to reply or email: ozkan_aziz@hotmail.com



+ Reply to Thread