How does the Intune cert connector communicate with the Windows CA server

Tiangeng Li 0 Reputation points
2024-09-05T06:41:39.05+00:00

Hi,

I installed the Intune cert connector on Windows Server 2016, and I have a CA server running on another Windows server. These two servers are not in the same subnet; in between there is a firewall to secure the traffic, and for security purposes we cannot open all ports, so I am wondering what port numbers the Intune cert connector uses to communicate with the CA server?

Thank you.

Best Regards,

Li Tiangeng


1 answer

  1. Neuvi Jiang 835 Reputation points Microsoft Vendor
    2024-09-05T08:07:22.8833333+00:00

    Hi Tiangeng Li,

    Thank you for posting in the Q&A Forums.

    Overview of port usage

    HTTPS (port 443):

    This is the most common port used to transfer encrypted HTTP traffic between the Intune Certificate Connector and the CA server.

    If your CA server is configured to accept certificate requests over HTTPS, then port 443 will be required.

    Other ports:

    In some special configurations, other ports may be used, but this is usually not standard practice.

    If your CA server is configured to use a non-standard port, you will need to ensure that the appropriate port is opened in the firewall.

    Firewall Configuration Recommendations

    Allow HTTPS traffic:

    In your firewall rules, ensure that HTTPS (port 443) traffic is allowed from servers running the Intune Certificate Connector to the CA server.

    Check for specific port requirements:

    If your CA server is configured to use a non-standard port, make sure to open that port in the firewall.

    You can contact your CA server administrator or check the CA server's configuration documentation for this information.

    Network Address Translation (NAT) and Port Forwarding:

    If the two servers are not on the same subnet and need to communicate through the firewall, make sure that the appropriate NAT and port forwarding rules are configured.

    Best regards

    NeuviJ
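One way to confirm, from the connector server, which remote ports it actually opens toward the CA before the firewall rule is written. This is an added example, not part of the original answer; the CA address `10.0.20.10` and the sampling window are constructed placeholders.

```powershell
# Added example. $CaAddress is a constructed placeholder: set it to your CA server's IP.
$CaAddress   = '10.0.20.10'
$SampleCount = 60   # number of samples to take
$IntervalSec = 5    # seconds between samples

# 1. Check whether the HTTPS port named in the answer is reachable through the firewall.
$probe  = Test-NetConnection -ComputerName $CaAddress -Port 443 -WarningAction SilentlyContinue
$result = if ($probe.TcpTestSucceeded) { 'reachable' } else { 'blocked or closed' }
"TCP 443 to ${CaAddress}: $result"

# 2. Sample the TCP connections this server opens to the CA while a test
#    certificate request is being processed, keeping one record per port/state.
$seen = @{}
for ($i = 0; $i -lt $SampleCount; $i++) {
    $conns = Get-NetTCPConnection -RemoteAddress $CaAddress -State Established, SynSent `
                 -ErrorAction SilentlyContinue
    foreach ($c in $conns) {
        $key = '{0}/{1}' -f $c.RemotePort, $c.State
        if (-not $seen.ContainsKey($key)) {
            $proc = Get-Process -Id $c.OwningProcess -ErrorAction SilentlyContinue
            $seen[$key] = [pscustomobject]@{
                RemotePort = $c.RemotePort
                State      = $c.State          # SynSent = attempt seen, no reply yet
                Process    = $proc.ProcessName
                FirstSeen  = Get-Date
            }
        }
    }
    Start-Sleep -Seconds $IntervalSec
}

# 3. Report the distinct remote ports observed, with the owning process, so the
#    firewall rule can be scoped to this source, this destination and these ports.
$seen.Values | Sort-Object RemotePort | Format-Table -AutoSize
```

Run it in an elevated PowerShell session on the connector server while a test certificate is requested. A port that only ever appears in the `SynSent` state is one the connector is trying to reach but getting no reply on.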


