- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Allowing Microsoft KMS activation
NEED: To allow an external KMS server (we trust the external IP) to communicate back and forth with our internal server subnet for Windows activation, BUT...
PROBLEM: the KMS server has to see the traffic coming to it from a trusted IP-space. Our firewall external IP is not in their trusted IP-space, and they don't whitelist IPs from other providers. Can I put policies in place to allow the KMS server to see the IPs of our internal servers? If so, how?
(faked IPs below)
KMS Server: 50.100.100.200
Our firewall External IP: 60.120.120.1 (Fortigate 200E, running FortiOS 7.0.9)
Our internal IP subnet: 172.10.10.0/255.255.255.0 (I believe this is considered trusted IP-space, as these are VMs hosted by the same company that has the KMS server)
I should have added, the KMS server only responds on port 1227
Thanks for the help,
David
- Labels:
-
FortiGate
-
FortiGateCloud
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have to do a windows license renewal for one of company clients and they're looking to add a KMS to manage all the licenses.
My question is do I need separate license for KMS service? When I check on MS website they mentioned something called KMS Host license but I'm not sure what it is? And when I asked from the local MS distributor he said I don't need any additional license and I just have to enable the KMS service on a windows server.
