
Firewall Ports Require behind firewall port


news.microsoft.com

Apr 26, 2008, 3:29:49 PM
I have a single Exchange 2003 box sitting behind the firewall. This is
the only mail and AD server.

I recently configured my user with VPN access.

I have a problem getting the user's Outlook 2003 client connected to my Exchange
server via the Exchange method (MAPI) through the VPN session. There is no
problem at all when connecting internally.

I know this is a firewall port issue, as when I allow all service ports
through the VPN session to my Exchange server, it has no problem
at all.

I need to fine-tune my firewall to close up all unnecessary ports.

Can someone let me know the minimum ports required to be opened for
Outlook to connect to the Exchange server behind the firewall?

John Oliver, Jr. [MVP]

Apr 28, 2008, 11:20:16 PM
The only ports necessary to open inbound for Exchange are 25 (SMTP) and 443 (SSL).
As for your user having issues, what DNS server is he/she using for his VPN
connection? It should be the DNS server at the office, as he/she needs to
resolve the Exchange Server by FQDN. If it were me, I would configure the
user for RPC over HTTPS for his Outlook 2003 connection, as there is no need
for VPN. See:

http://www.msexchange.org/tutorials/outlookrpchttp.html

--
John Oliver, Jr
MCSE, MCT, CCNA
Exchange MVP 2008
Microsoft Certified Partner


news.microsoft.com

May 1, 2008, 6:04:50 AM
Dear John,

I pointed the DNS server of my VPN session to my internal LAN DNS server,
which also happens to be my DNS.

Isn't port 25 only for SMTP connections? How about a MAPI connection?


John Oliver, Jr. [MVP]

May 3, 2008, 8:45:31 PM
You are not understanding this fully, so I will explain further: the only ports
that should be open on your firewall to your Exchange Server are ports 25 and
443. VPN has nothing to do with this. If you decided to have remote VPN
clients connect to your LAN to use Outlook, then your VPN tunnel should be
passing all traffic so the clients will connect with RPC, similar to local
Outlook clients on your LAN. If this is working properly, you should be able
to ping your Exchange Server by FQDN and get a reply. As I suggested in my
last post, you can eliminate the VPN client altogether if you implement
RPC over HTTPS.

--
John Oliver, Jr
MCSE, MCT, CCNA
Exchange MVP 2008
Microsoft Certified Partner
