Michael986
asked on
Ports to open for Outlook to Exchange
I have created a new VLAN on our network for some PCs which need to be segregated from the main network. The two networks are connected by a Cisco layer 3 switch, and I'm using ACLs to restrict traffic between them.
The PCs on VLAN2 still need to run Outlook and therefore connect to the Exchange server across the switch. I've investigated which ports to open via the ACL, but it seems that Outlook uses RPC to connect to Exchange, and as such the ports used vary.
Is there a way to allow Outlook on these PCs to connect to the Exchange server without opening up the whole port range?
The PCs on VLAN2 still need to run Outlook and therefore connect to the Exchange server across the switch. I've investigated which ports to open via the ACL, but it seems that Outlook uses RPC to connect to Exchange, and as such the ports used vary.
Is there a way to allow Outlook on these PCs to connect to the Exchange server without opening up the whole port range?
This document provides list of various Services Ports for Windows Server System including Exchange
http://support.microsoft.com/kb/832017
http://support.microsoft.com/kb/832017
This article describes how to create a Microsoft Outlook profile file that you can use to configure static communication ports in Microsoft Office Outlook 2007 and in Microsoft Office Outlook 2003. The static ports are used to connect to a Microsoft Exchange server. This procedure can be used to work around the problem that prevents Outlook from communicating through port 135 to prompt the End Point Mapper where to find the Exchange server.
http://support.microsoft.com/kb/833799
http://support.microsoft.com/kb/833799
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Akhater - Good call!! That is exactly what you should do and is the best practice.
Outlook Anywhere requires only port 443!
Outlook Anywhere requires only port 443!
ASKER
I did try opening port 443 to use Outlook Anywhere but it didn't work. However, it sounds as though that's the direction I need to go.
I've now opened up TCP/443 (is UDP/443 required - have added it but didn't make it work).
How do I force Outlook to use OA instead of using RPC. I've ticked the 'On fast networks, connect using HTTP' and 'On slow networks ...' settings in 'Exchange Proxy Settings' in Outlook - do I need to do anything else?
When trying to connect, it puts up a 'login' box and accepts the 'domain\username' and password combination, but still doesn't connect.
I've tried setting the 'URL to connect to my proxy server' to the default (mail.domain.com - works for other, external laptops), to the Exchange server name (both just the name and the fully qualified name) and also the IP address, but it doesn't connect.
Any ideas as to what else to try, or how to troubleshoot further? Should add that it's Exchange 2007 and Outlook 2007
I've now opened up TCP/443 (is UDP/443 required - have added it but didn't make it work).
How do I force Outlook to use OA instead of using RPC. I've ticked the 'On fast networks, connect using HTTP' and 'On slow networks ...' settings in 'Exchange Proxy Settings' in Outlook - do I need to do anything else?
When trying to connect, it puts up a 'login' box and accepts the 'domain\username' and password combination, but still doesn't connect.
I've tried setting the 'URL to connect to my proxy server' to the default (mail.domain.com - works for other, external laptops), to the Exchange server name (both just the name and the fully qualified name) and also the IP address, but it doesn't connect.
Any ideas as to what else to try, or how to troubleshoot further? Should add that it's Exchange 2007 and Outlook 2007
Does your autodiscover service up and runing?
This protected VLAN, these users will have NO internet access?
One way to test Outlook Settings to see what URL's are being used to to hold down the Right Control button on your keyboard and then left click the Outlook icon in the System Tray, and then click "Test E-Mail AutoConfiguration".
This protected VLAN, these users will have NO internet access?
One way to test Outlook Settings to see what URL's are being used to to hold down the Right Control button on your keyboard and then left click the Outlook icon in the System Tray, and then click "Test E-Mail AutoConfiguration".
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Did you enable outlook anywhere to start with ?
Here is how to enable outlook anywhere on exchange 2007 sp1 http://www.exchange-genie.com/2008/02/configuring-outlook-anywhere-for-exchange-2007-sp1/
However the answer to your original question is to make it through outlook anywhere and open just 443, if you have problems with enabling outlook anywhere I suggest you open another question for that just to keep this one focused on one topic.
thanks
Here is how to enable outlook anywhere on exchange 2007 sp1 http://www.exchange-genie.com/2008/02/configuring-outlook-anywhere-for-exchange-2007-sp1/
However the answer to your original question is to make it through outlook anywhere and open just 443, if you have problems with enabling outlook anywhere I suggest you open another question for that just to keep this one focused on one topic.
thanks
ASKER
As I mentioned, Outlook Anywhere is already working for other external devices, so that shoudn't be the problem.
I'll open another question if I can't get to the bottom of it
I'll open another question if I can't get to the bottom of it
http://support.microsoft.com/kb/270836
Hope this helps