jafar54

Ports that Outlook 2003 use to communicate

Hi there

We would like to segregate a section of our LAN. We would like to configure a firewall to only allow access to certain ports on our Exchange 2003 so that users in this segment are able to connect with their Outlook and use its full functionality.

My question is: what ports are necessary for Outlook to be able to function correctly?

I have found the following articles, but they are more related to what ports Exchange 2000 / 2003 use:

http://www.petri.co.il/ports_used_by_exchange.htm
http://support.microsoft.com/?kbid=278339

Any help would be appreciated.

Jafar54
suggestionstick

Hi


Outlook 2003 uses MAPI to communicate with Exchange server; the ports used when Outlook connects to an Exchange server are RPC-assigned ports. You could use RPC over HTTP to tunnel through the firewall; also, Cisco PIX 7.0 has an inspect command for passing RPC.
(I have read recently that it is possible to tie down RPC-assigned ports for certain services.)

Why do you want to place a firewall between your Outlook clients and Exchange? Depending on the answer, it might be better to use a frontend Exchange -> firewall -> backend Exchange server -> Outlook client solution?
As hinted above, if you want to lock things down then use RPC over HTTPS. Then you are looking at a single port - 443. Just make sure everything resolves correctly.

Although I am not a fan of internal firewalls blocking access to Exchange. In those scenarios I prefer Exchange and a domain controller to be placed somewhere where everyone has full access (like a DMZ, but with all ports open).

Simon.
jafar54

ASKER

OK, I get that reasoning to use RPC over HTTPS... but say you didn't wanna go that way. Say you are using an unintelligent dumb firewall where you need to specify all the ports required, i.e. the FW is not application aware or anything.

Now you have clients that are using Outlook 2003 with cache mode enabled... your Exchange server is set up normally, no fancy config, straight out the box. You also have a stock standard front end server provisioning OWA and OMA.

What ports would you need to open? Or is the message that the easiest and simplest way to do it is to use the single port approach with RPC over HTTPS?

Jafar54
ASKER CERTIFIED SOLUTION
suggestionstick