# RAS Enrollment Server

| **ource**                  | **Destination**       | **Protocols**                                      | **Ports**                                          | **Description**                                                                         |
| -------------------------- | --------------------- | -------------------------------------------------- | -------------------------------------------------- | --------------------------------------------------------------------------------------- |
| RAS Enrollment Server      | AD DS controllers     | <p>TCP</p><p>TCP</p><p>TCP,UDP</p><p>UDP</p>       | <p>389, 3268</p><p>636, 3269</p><p>88</p><p>53</p> | <p>LDAP</p><p>LDAPS</p><p>Kerberos</p><p>DNS</p>                                        |
|                            | RAS Connection Broker | <p>TCP</p><p>UDP</p>                               | <p>20003</p><p>20003</p>                           | <p>Settings synchronization and performance counters.</p><p>Deny Connection Request</p> |
| Certificate Authority (CA) | <p>TCP</p><p>TCP</p>  | <p>135</p><p>dynamic range</p><p>49152 - 65535</p> | DCOM/RPC ports                                     |                                                                                         |