Solved

Users cannot connect to Outlook when windows firewall is enabled on the exchange server

Posted on 2006-11-20
9
646 Views
Last Modified: 2012-06-27
Users cannot connect to Outlook when windows firewall is enabled on the exchange server.  Any ideas how I can set this up so they both work without being at a security risk.  Or should I setup a different firewall for the network.
0
Comment
Question by:mkurtzhals
9 Comments
 
LVL 39

Accepted Solution

by:
redseatechnologies earned 500 total points
ID: 17983007
Hi mkurtzhals,

Disable the windows firewall on the exchange server - software firewalls on windows servers is never a good idea.

Protect yourself at the gateway level, and protect only your workstations with the windows firewall

-red
0
 

Expert Comment

by:FarFromHome
ID: 17983160
I agree with redseatechnologies! You shouldn't have the windows firewall on the exchange server. You should have a hardware firewall or a box running a dedicated software firewall at your gateway to the internet! My preference is a Cisco PIX but there are many other firewalls for all budgets large and small.
0
 

Expert Comment

by:juandabomb
ID: 17983665
Turn off the Firewall but If you feel like keepin it on then manually add these ports under the exceptions tab in the Windows Firewall settings.

Port       Process       Description
20     FTP     File Transfer Protocol - Data
21     FTP     File Transfer Protocol - Control
25     SMTP     Simple Mail Transfer Protocol
53     DNS     Domain Name System
69     TFTP     Trivial File Transfer Protocol
80     HTTP     Hypertext Transfer Protocol
110     POP3     Post Office Protocol
443     HTTPS     Hypertext Transfer Protocol - Secure
445                           File Sharing
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 17983695
If you do that Juan, Outlook will still not connect

You have left out the rpc ports!
0
Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

 
LVL 1

Expert Comment

by:zagroupie
ID: 17984611
Is it possible that the users are not getting an IP address via DHCP?  If so just enable the DHCP client settings so that the users are provided the IP address.  I would also concur and say that the hardware method is the best for firewalls.  You can use PIXs and VPNs to secure your network to best suit your needs.  Cisco is the most used and expensive however.


GL/

0
 
LVL 5

Expert Comment

by:onlinerack
ID: 17984700
I would not put a firewall on the exchange server.. have a hardware appliance... however if you want to stick to it, look into enabling RPC over http proxy. this would would work if it is exchange 2003
0
 
LVL 5

Expert Comment

by:drawlin
ID: 17984719
You can also create a windows firewall rule to allow all IP traffic from your LAN's Network range.  (ie. 192.168.10.1-155).  But , yes, you really should install a firewall at the gateway.
0
 
LVL 13

Expert Comment

by:rhinoceros
ID: 17985989
Except the mainly static ports as above, you should also open DYNAMIC port between Exchange & OUTLOOK connection in firewall. (TCP 1024 - 5000)

SMTP (Simple Mail Transfer Protocol)
This is a protocol for sending e-mail messages between servers. Most e-mail systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an e-mail client using either POP or IMAP. In addition, SMTP is generally used to send messages from a mail client to a mail server. This is why you need to specify both the POP or IMAP server and the SMTP server when you configure your e-mail application. (Allow outbound TCP local ports 1024-5000 remote port 25)



More Information
Exchange Server static port mappings
http://ask.support.microsoft.com/kb/270836/en-us

*** Even fixed it in registry
How to configure RPC dynamic port allocation to work with firewalls
http://ask.support.microsoft.com/kb/154596/en-us
0
 

Expert Comment

by:JamesPeddle
ID: 17991658
Hi,

I agree that you should disable the windows firewall and protect yourself at gatewat level with a hardware firewall.  I take it that you have already turned off the firewall to check that is the problem.

0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now