Ports to allow GINA/Mac installation through a firewall

Ports to allow GINA/Mac installation through a firewall

Hello, I recently setup ADSS+ on a workgroup server in our DMZ, and closed all but the necessary ports between it and our DCs.  Before we locked it down, it was closed to the Internet and wide open inside, including the user VLANs.  Since the lockdown to be only accessible to/from the DCs, I am not able to push the GINA/Mac installation to the user VLANs.  What port(s) do I need to open between the ADSS+ server and the user VLANs to allow this (and the updates) to run?  I suspect 445 TCP/UDP, but was wondering if there was anything else required before I go beg and plead with the firewall admin for more changes.

Thank you!
              New to ADManager Plus?

                New to ADSelfService Plus?