Exchange 2007 ports

Posted on 2007-10-03
Last Modified: 2012-05-05
Unless I'm mistaken, I should configure firewall.cpl on the Exchange 2007 box. For local traffic (and remote) traffic (machine is not located on a DMZ, I'm using port forwarding on a non-ISA firewall), what are the appropriate ports to open?

I followed instructions here ( but stopped, thinking that Exchange 2007 may not use those ports. Also, for client->AD->Exchange login traffic (LDAP/Kerberos), the domain controllers (local, not on a DMZ) need(?) firewall.cpl configured as well. Which ports are needed there?

I'm wary (erroneously?) of using these instructions: since this should(?) be a simple matter of opening the appropriate tcp/ip ports, and I prefer the manual configuration via firewall.cpl.
Question by:light-blue
    1 Comment
    LVL 2

    Accepted Solution

    Do not configure the Windows Firewall on your E2K7 server if it is within your perimeter network.  This is not done by default on your W2K3 system.  If you are concerned about securing your E2K7 server you should investigate using the Security Configuration Wizard with the new E2K7 (mode-specific) templates.  This will lock down the services and ports on your server.

    However.. you should do this in a lab environment first as this can also cause you to loose connectivity if you apply additional settings to the security policy.

    If you want to lock down the communication between your DCs and Exchange servers consider using IPSec with PKI certs on both your DCs and Exchange Servers.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Learn more about how the humble email signature can be used as more than just an electronic business card. When used correctly, a signature can easily be tailored for different purposes by different departments within an organization.
    Use email signature images to promote corporate certifications and industry awards.
    In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now