Which port must be opened on a Firewall for Kerberos?

Kenneth MacDonald Kenneth.MacDonald at ed.ac.uk
Mon May 26 09:46:50 EDT 2014

On Mon, 2014-05-26 at 15:22 +0200, csanyipal at gmail.com wrote:
> Hi,
> my home server get his static address from my ISP with DHCP to specific
> MAC address of the eth0.
> So, it seems that, that I'm behind a firewall of my ISP.
> Which ports must be opened on a firewall ( on firewall of my ISP, or on
> firewall of mine ), so I can reach my Kerberos server on my home server
> from my mobile phone or from the Internet? 

Port 88 over UDP (and TCP if you configured your KDC to listen on it)
will get you authentication and tickets.

You should think before opening up the next two ...

Port 464 UDP & TCP if you want to be able to change passwords.

Port 749 TCP if you want to be able to access kadmind.



The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.

More information about the Kerberos mailing list