Extreme Networks Sentriant AG Software User's Manual page 428
Hide thumbs
Also See for Sentriant AG:
- Installation manual (80 pages) ,
- User manual (422 pages) ,
- Software user's manual (526 pages)
Table of Contents
Advertisement
Ports used in Sentriant AG
Table 21: Ports in Sentriant AG (continued)
Port
Ports used for DHCP and domain controllers:
88 (TCP)
135-159 (TCP)
135-159 (UDP)
389 (TCP)
1025 (TCP)
1026 (TCP)
3268 (TCP)
88 (TCP)
135-159 (TCP)
135-159 (UDP)
389 (TCP)
1025 (TCP)
1026 (TCP)
3268 (TCP)
Ports used for quarantine/guest resources:
Varies
428
Parties
Description
ES to DC/
DHCP Server and Domain Controller
DHCP server
behind Sentriant AG:
In DHCP mode, when your DHCP server
and Domain Controller are behind
Sentriant AG, you must specify ports 88,
135 to 159, 389, 1025, 1026, and
3268 as part of the address. If you do
not specify a DHCP address, users are
blocked. If you specify only the IP
address with no port, endpoints are not
quarantined, even for failed tests.
MS/ES to DC/
DHCP Server and Domain Controller NOT
DHCP server
behind Sentriant AG:
In DHCP mode, if your domain controller
is not situated behind Sentriant AG, you
must configure your router to allow
routes from the quarantine area to your
domain controller on ports 88, 135-159,
389, 1025, 1026, and 3268.
ES to endpoint
In order to grant access for quarantined
endpoints to needed services, add
entries to the Explicit resource
accessibilities list.
For inline enforcement mode, enter the
IP addresses of the servers that provide
the services. A port or ports can be
added to limit the access to the servers
from quarantined endpoints.
For all other deployment modes, the
Fully Qualified Domain Name (FQDN) of
the target servers should be added to the
list (for example mycompany.com). If the
specified accessible servers are not
behind an ES, a network firewall must
be used to control access to only the
desired ports.
In DHCP mode, if your DHCP server has
other services besides DHCP for which
you need to allow access, be sure to
NOT allow port 67.
For example, add the entries
192.168.1.1:1:66 and
192.168.1.1:68:65535 to open all
ports besides 67.
Comments
Configure in the Sentriant AG
user interface:
Home window
>>System configuration
>>Quarantine/guest resources
Configure on the router
between Domain Controller
and Quarantine Area
Configure in the Sentriant AG
user interface:
Home window>>System
configuration>>Quarantine/
guest resources
Example:
10.0.16.100:53
Separate multiple endpoint
entries with a carriage return
(new line):
10.0.16.100:53
10.0.16.100:80
10.0.16.100:81
10.0.16.100:82
Enter a range of ports as
follows:
10.0.16.100:53:65
Sentriant AG Software Users Guide, Version 5.3
Advertisement
Table of Contents
Related Manuals for Extreme Networks Sentriant AG
Related Products for Extreme Networks Sentriant AG
- Extreme Networks SSA-T8028-0652
- Extreme Networks ExtremeRouting SLX 9850-8
- Extreme Networks SA201
- Extreme Networks ExtremeSwitching SLX 9540
- Extreme Networks ExtremeSwitching SLX 9030-48S
- Extreme Networks ExtremeSwitching SLX9150-48Y-8C-AC-F
- Extreme Networks ExtremeSwitching SLX9150-48XT-6C
- Extreme Networks ExtremeSwitching SLX9250-32C