What ports and traffic do I need to allow to setup a file server in Windows Server 2008?

Depends on what this server is going to be doing. Is it joined to a domain? You will need to provide specific details on what you want it to do and what it has to communicate with. -- Paul Bergson MVP - Directory Services MCITP: Enterprise Administrator MCTS, MCT, MCSE, MCSA, Security+, BS CSci 2008, Vista, 2003, 2000 (Early Achiever), NT4 http://www.pbbergs.com Twitter @pbbergs Please no e-mails, any questions should be posted in the NewsGroup This posting is provided "AS IS" with no warranties, and confers no rights.

Yes it is part of a domain. Other users on their own computers will be accessing files from this file server. They will be reading and saving files to it. Also this server will robocopy data to a backup server. Also remote desktop for admins to connect to the server for administrative tasks. That is pretty much it. Any help is appreciated.

Hi, Thank you for your post here. You don't have to know the specific ports involved in the SMB/CIFS file sharing. In Windows Server 2008 Windows Firewall with advanced security, there is a set of inbound File and Printer sharing firewall rules. You will need to enable those rules in Domain profile and disable other non-core rules if you want to tighten the network security on the server.

I agree with Miles' comment regarding the firewall rules in Windows Server 2008, but just to add some additional info: SMB: 445 (TCP) // File Sharing RDP: 3389 (TCP) // Remote Desktop for Administration I'd also check to see if you have NetBIOS over TCP/IP (otherwise known as NetBT) enabled. To check to see if you have NetBT enabled: - open cmd - type 'net config redirector ' if you have a line in there that reads: Workstation active on NetbiosSmb (000000000000) NetBT_Tcpip_{..................} then you have NetBT enabled. If so, NetBT uses ports: 137 (UDP) 138 (UDP) 139 (TCP) Unless you have a need for NetBT (like legacy clients on the domain) you might want to think about disabling NetBT: 1. Open the Network Connections folder and view available connections. 2. Right-click the connection that you want to configure, and then click Properties 3. On the General tab, click Internet Protocol (TCP/IP) in the list of components, and click the Properties button. 4. Click the Advanced button. 5. Click the WINS tab. Click Disable NetBIOS over TCP/IP.

SMB over IP - TCP/UDP 445 RDP - TCP 3389 DNS - TCP/UDP 53 WINS (?) - TCP 42 NTP - UDP 123 ICMP (Group Policy likes this) High Ports - TCP 49152 - 65535 (Client will need to contact DC LDAP, LDAP GC, RPC DNS, Kerberos) See http://support.microsoft.com/kb/179442/en-us for client details for AD -- Paul Bergson MVP - Directory Services MCITP: Enterprise Administrator MCTS, MCT, MCSE, MCSA, Security+, BS CSci 2008, Vista, 2003, 2000 (Early Achiever), NT4 http://www.pbbergs.com Twitter @pbbergs Please no e-mails, any questions should be posted in the NewsGroup This posting is provided "AS IS" with no warranties, and confers no rights.