====== Wichtige Ports ======

^Anwendung^Transport^Port^Erläuterung^
|Fernzugriff|tcp|22|SSH|
|Namensauflösung|tcp/udp|53|DNS|
|Webserver|tcp|80|HTTP|
|Zeitsynchronisierung|udp|123|NTP|
|Monitoring/Management|udp|161|SNMP|
|Monitoring/Management|udp|162|SNMP traps|
|Webserver|tcp|443|HTTPS|
|Mailclient|tcp|465|SMTP SSL/TLS|
|IPsec|udp|500|IKE|
|Mailclient|tcp|587|SMTP Submission (STARTTLS)|
|Mailabruf|tcp|995|POP3S|
|IPsec|udp|4500|NAT-Traversal|

===== Profil "Domain Controller" =====

^Clientports^Serverport^Service^
|49152-65535/UDP|123/UDP|W32time|
|49152-65535/TCP|135/TCP|RPC Endpoint Mapper|
|49152-65535/TCP|464/TCP/UDP|Kerberos-Kennwortänderung|
|49152-65535/TCP|49152-65535/TCP|RPC für LSA, SAM, NetLogon (*)|
|49152-65535/TCP/UDP|389/TCP/UDP|LDAP|
|49152-65535/TCP|636/TCP|LDAP SSL|
|49152-65535/TCP|3268/TCP|LDAP-GC|
|49152-65535/TCP|3269/TCP|LDAP GC SSL|
|53, 49152-65535/TCP/UDP|53/TCP/UDP|DNS|
|49152-65535/TCP|49152-65535/TCP|FRS RPC (*)|
|49152-65535/TCP/UDP|88/TCP/UDP|Kerberos|
|49152-65535/TCP/UDP|445/TCP|SMB (**)|
|49152-65535/TCP|49152-65535/TCP|DFSR-RPC (*)|

> https://docs.microsoft.com/de-de/troubleshoot/windows-server/identity/config-firewall-for-ad-domains-and-trusts
> https://activedirectorypro.com/active-directory-ports-used-client-to-server/
===== Profil "WLAN Call Telekom" =====

^Clientports^Serverport^Service^
|Any|500/UDP|ISAKMP/IKE|
|Any|4500/UDP|IKEv2|