Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 198
  • Last Modified:

Allowing Exchange 5.5 "New Mail Notifications" through firewall

I've got a company behind a Netscreen 5 firewall but the users access an Exchange 5.5 server (NT for now) outside of the firewall.  

Everthing works fine except that the new mail notifications from the server are being blocked by the firewall. Checking into it I found out that Exchange uses random udp ports to send these notifications.  I've tried a policy on the firewall to allow all services from the Exchange server itself to get through.  I also created a custom server and set it to let in all udp ports from the Exchange server i.p. address but it still doesn't work.

Any ideas?
0
koden
Asked:
koden
  • 3
  • 2
1 Solution
 
mikecrCommented:
I think this might be what your looking for.

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q264035
0
 
scraig84Commented:
You should be able to allow anything from the IP address of the Exchange server through.  However, this is typically considered poor security policy because it opens the door to spoofing.  Any chance you bring the Exchange server behind the firewall and allow external access through the firewall?
0
 
kodenAuthor Commented:
I just set up an icoming policy to allow incoming traffic  from the exchange server (all udp ports over 9999) on the firewall and Im waiting to see what happens...  
Unfortunately at this time I can't get the exchange server behind the firewall.  I take care of a subsidary company of a larger company that doesn't have a firewall yet - I set up this firewall so I could set up a Citrix server for home users.   Now (lots of fun) i just found out from netscreen that I can't assign an incoming policy to my pc behind the firewall (one to many nat by the netscreen).  The only way I can get this to work that I see is to set up one to one mapping with real ip's for each pc behind the firewall - Netscreen disappointed me on this one.
I'll get back soon.  
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
kodenAuthor Commented:
Sorry about the delay - had to go out of town for a week.
I'm finally going into the office to test things this Friday - get back then.
0
 
kodenAuthor Commented:
That did the trick - thanks.
0
 
mikecrCommented:
No problem. If there is anything else we can do for you, please stop back.
0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now