Linux Iptables Open LDAP Server TCP Ports 389 and 636

The default iptables configuration under CentOS / Red Hat / RHEL / Fedora Linux does not allow inbound access to the LDAP service. How do I update the iptables settings to allow access to LDAP on TCP port 389 and to LDAP over SSL/TLS (LDAPS) on TCP port 636, while keeping all other ports on the server in their default protected state?

Under CentOS / RHEL you need to update the /etc/sysconfig/iptables file. You should normally restrict access to the specific network block and netmask of the client machines on your LAN or WAN that will connect to the LDAP server hosted on RHEL, rather than opening the two ports to every source address.

Configure Iptables to Allow Access to the LDAP Server

Edit /etc/sysconfig/iptables using the text editor:
# vi /etc/sysconfig/iptables
Add the following lines before the final LOG and REJECT/DROP lines, so that access is granted only from your client network (replace <network/mask> with the network block of your LDAP clients, in CIDR notation):

# LDAP (plaintext or StartTLS), new connections from the client network only
-A RH-Firewall-1-INPUT -s <network/mask> -m state --state NEW -p tcp --dport 389 -j ACCEPT
# LDAPS (LDAP over SSL/TLS), new connections from the client network only
-A RH-Firewall-1-INPUT -s <network/mask> -m state --state NEW -p tcp --dport 636 -j ACCEPT

Save and close the file. Reload the iptables firewall rules to open ports 389 and 636:
# service iptables reload


8 comments
  • sunny Aug 16, 2009 @ 12:04

    Can you explain what an LDAP server is and what its use is?

  • 🐧 nixCraft Aug 16, 2009 @ 13:02

    Lightweight Directory Access Protocol is an application protocol for querying and modifying directory services running over TCP/IP. It is used for e-mail applications, web servers, Squid, central authentication and much more.

    • Baskar Feb 1, 2011 @ 1:36

      I have an LDAP server running on RHEL 6. When I do an LDAP search within that server, it works. But when I perform the same search from outside, I get “Can’t connect to LDAP Server”. I have disabled the firewall. Both IPs are on the same subnet. But the same setup works from SLES 11 (LDAP server). What is different on RHEL 6? Any ideas? Thanks.

  • Peter Zau hkawng Aug 20, 2009 @ 5:34

    Hi sir,
    I heard that a Linux server is good as a proxy. I also read a Linux study guide but I don’t know how to configure it. Let me know the Squid 2.4 configuration step by step for use in a SOHO Squid server. Please mail me and help me.

    Peter Zau Hkawng

  • peter Apr 14, 2011 @ 12:27

    Hello everyone,
    I’m using PHP to edit iptables rules on CentOS. In fact, I’ve configured the sudoers file to grant privileges to my XAMPP user (nobody). But what makes me lose my cool is that whenever I try to edit iptables in a PHP script, nothing happens. What else do I really need to do in order to make it go? I really need your help.

  • kaliya singh May 20, 2011 @ 7:33

    How do I install an LDAP server on Linux RHEL 5?

  • paramesh Aug 11, 2012 @ 18:18

    I have an LDAP server configured on RHEL 5.4. I must log in to Windows 7 using that LDAP user. Please, anybody?

    • Au Hun Boon Jan 2, 2015 @ 3:23

      In order for Windows to join an LDAP server, you need third-party software installed on your Windows 7. Look for pGina.
