Setting the proper Windows Server Firewall rules is a critical step in ensuring a secure and operational Lightweight Directory Access Protocol (LDAP) connection over SSL/TLS or StartTLS (LDAPS). This guide shows you how to configure an LDAPS (SSL/TLS or StartTLS) connection using port rules for 636/TCP and set the needed border firewall IP addresses.
To allow our external connections to your Active Directory, we need to set up an LDAPS connection through your Windows Server Firewall. This LDAPS connection is established using a port rule for 636/TCP in your server firewall, preventing MITM (man-in-the-middle) attacks.
To allow a connection, IP addresses need to be added to your server's border-controlling firewall (i.e., network perimeter firewall, demilitarized zone network firewall, edge network firewall). Add the following IP addresses on LDAPS/636 to your border firewall to allow connections:
The process of adding an IP address to this firewall can vary from device to device; we recommend referencing your firewall/device documentation.
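On the Windows Server itself, the 636/TCP rule described above can be scoped to the same source addresses and then audited. This is an added example, not part of the original guide: the rule name is hypothetical and the addresses are placeholders from the RFC 5737 documentation range, to be replaced with the IP addresses you were given.

```powershell
# Run in an elevated PowerShell session on the server that hosts LDAPS.
# Placeholder sources (RFC 5737 documentation range), NOT real provider IPs.
$AllowedSources = @('203.0.113.10', '203.0.113.11')
$RuleName       = 'LDAPS inbound 636/TCP (restricted sources)'   # hypothetical name

# Create the rule once; on a re-run only refresh the allowed source list.
if (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue) {
    Set-NetFirewallRule -DisplayName $RuleName -RemoteAddress $AllowedSources
} else {
    New-NetFirewallRule -DisplayName $RuleName `
        -Direction Inbound -Action Allow -Protocol TCP -LocalPort 636 `
        -RemoteAddress $AllowedSources -Profile Any | Out-Null
}

# Audit: list every enabled inbound allow rule that names 636/TCP explicitly
# and flag any that accept traffic from any source address.
# (Rules that cover 636 only through a port range or 'Any' are not matched here.)
Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    ForEach-Object {
        $port = $_ | Get-NetFirewallPortFilter
        $addr = $_ | Get-NetFirewallAddressFilter
        if ($port.Protocol -eq 'TCP' -and $port.LocalPort -contains '636') {
            [pscustomobject]@{
                Rule          = $_.DisplayName
                RemoteAddress = $addr.RemoteAddress -join ', '
                OpenToAny     = ($addr.RemoteAddress -contains 'Any')
            }
        }
    } | Format-Table -AutoSize

# Confirm that something is actually listening on 636/TCP; a firewall rule
# alone does not enable LDAPS if the service has no certificate bound.
Get-NetTCPConnection -LocalPort 636 -State Listen -ErrorAction SilentlyContinue |
    Select-Object LocalAddress, LocalPort, OwningProcess
```

Any row with OpenToAny set to True is a separate rule that still admits 636/TCP from every source, so the restricted rule does not narrow exposure until that rule is scoped or disabled.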
Our technical support team is also available 24/7/365 via phone, chat, email or by opening a ticket through your account to help with any LDAP questions related to our services. Contact us anytime. We're always here. 24/7/365.