Ports used by Exchange Server


kmohaan

Oct 28, 2008, 7:48:42 AM
to Exchange User Group
Protocol: LDAP
· Port (TCP/UDP): 389 (TCP)
· Description: Lightweight Directory Access Protocol (LDAP), used by
Active Directory, Active Directory Connector, and the Microsoft
Exchange Server 5.5 directory.

Protocol: LDAP/SSL
· Port (TCP/UDP): 636 (TCP)
· Description: LDAP over Secure Sockets Layer (SSL). When SSL is
enabled, LDAP data that is transmitted and received is encrypted.
To enable SSL, you must install a Computer certificate on the domain
controller or Exchange Server 5.5 computer.

Protocol: LDAP
· Port (TCP/UDP): 379 (TCP)
· Description: The Site Replication Service (SRS) uses TCP port 379.

Protocol: LDAP
· Port (TCP/UDP): 390 (TCP)
· Description: While not a standard LDAP port, TCP port 390 is the
recommended alternate port to configure the Exchange Server 5.5 LDAP
protocol when Exchange Server 5.5 is running on a Microsoft Windows
2000 Active Directory domain controller.

Protocol: LDAP
· Port (TCP/UDP): 3268 (TCP)
· Description: Global catalog. The Windows 2000 Active Directory
global catalog (which is really a domain controller "role") listens on
TCP port 3268. When you are troubleshooting issues that may be related
to a global catalog, connect to port 3268 in LDP.

Protocol: LDAP/SSL
· Port (TCP/UDP): 3269 (TCP)
· Description: Global catalog over SSL. Applications that connect to
TCP port 3269 of a global catalog server can transmit and receive SSL
encrypted data. To configure a global catalog to support SSL, you must
install a Computer certificate on the global catalog.

Protocol: IMAP4
· Port (TCP/UDP): 143 (TCP)
· Description: Internet Message Access Protocol version 4 may be used
by "standards-based" clients such as Microsoft Outlook Express or
Netscape Communicator to access the e-mail server. IMAP4 runs on top
of the Microsoft Internet Information Service (IIS) Admin Service
(Inetinfo.exe), and enables client access to the Exchange 2000
information store.

Protocol: IMAP4/SSL
· Port (TCP/UDP): 993 (TCP)
· Description: IMAP4 over SSL uses TCP port 993. Before an Exchange
2000 server supports IMAP4 (or any other protocol) over SSL, you must
install a Computer certificate on the Exchange 2000 server.

Protocol: POP3
· Port (TCP/UDP): 110 (TCP)
· Description: Post Office Protocol version 3 enables
"standards-based" clients such as Outlook Express or Netscape Communicator to
access the e-mail server. As with IMAP4, POP3 runs on top of the IIS
Admin Service, and enables client access to the Exchange 2000
information store.

Protocol: POP3/SSL
· Port (TCP/UDP): 995 (TCP)
· Description: POP3 over SSL. To enable POP3 over SSL, you must
install a Computer certificate on the Exchange 2000 server.

Protocol: NNTP
· Port (TCP/UDP): 119 (TCP)
· Description: Network News Transport Protocol, sometimes called
Usenet protocol, enables "standards-based" client access to public
folders in the information store. As with IMAP4 and POP3, NNTP is
dependent on the IIS Admin Service.

Protocol: NNTP/SSL
· Port (TCP/UDP): 563 (TCP)
· Description: NNTP over SSL. To enable NNTP over SSL, you must
install a Computer certificate on the Exchange 2000 Server.

Protocol: HTTP
· Port (TCP/UDP): 80 (TCP)
· Description: Hyper-Text Transfer Protocol is the protocol used
primarily by Microsoft Outlook Web Access (OWA), but also enables some
administrative actions in Exchange System Manager. HTTP is implemented
through the World Wide Web Publishing Service (W3Svc), and runs on top
of the IIS Admin Service.

Protocol: HTTP/SSL
· Port (TCP/UDP): 443 (TCP)
· Description: HTTP over SSL. To enable HTTP over SSL, you must
install a Computer certificate on the Exchange 2000 server.

Protocol: SMTP
· Port (TCP/UDP): 25 (TCP)
· Description: Simple Mail Transfer Protocol is the foundation for
all e-mail transport in Exchange 2000. The SMTP Service (SMTPSvc) runs
on top of the IIS Admin Service. Unlike IMAP4, POP3, NNTP, and HTTP,
SMTP in Exchange 2000 does not use a separate port for secure
communication (SSL), but rather, employs an "in-band security
sub-system" called Transport Layer Security (TLS).

Protocol: SMTP/SSL
· Port (TCP/UDP): 465 (TCP)
· Description: SMTP over SSL. TCP port 465 is reserved by common
industry practice for secure SMTP communication using the SSL
protocol. However, unlike IMAP4, POP3, NNTP, and HTTP, SMTP in
Exchange 2000 does not use a separate port for secure communication
(SSL), but rather, employs an "in-band security sub-system" called
Transport Layer Security (TLS). To enable TLS to work on Exchange
2000, you must install a Computer certificate on the Exchange 2000
server.

Protocol: SMTP/LSA
· Port (TCP/UDP): 691 (TCP)
· Description: The Microsoft Exchange Routing Engine (also known as
RESvc) listens for routing link state information on TCP port 691.
Exchange 2000 uses routing link state information to route messages
and the routing table is constantly updated. The Link State Algorithm
(LSA) propagates routing status information between Exchange 2000
servers. This algorithm is based on the Open Shortest Path First
(OSPF) protocol from networking technology, and transfers link state
information between routing groups by using the X-LSA-2 command verb
over SMTP and by using a Transmission Control Protocol (TCP)
connection to port 691 in a routing group.

Protocol: RVP
· Port (TCP/UDP): 80 (TCP)
· Description: RVP is the foundation for Instant Messaging in Exchange
2000. While RVP communication begins with TCP port 80, the server
quickly sets up a new connection to the client on an ephemeral TCP
port above 1024. Because this port is not known in advance, issues
exist when you enable Instant Messaging through a firewall.

Protocol: IRC/IRCX
· Port (TCP/UDP): 6667 (TCP)
· Description: Internet Relay Chat (IRC) is the chat protocol. IRCX is
the extended version offered by Microsoft. While TCP port 6667 is the
most common port for IRC, TCP port 7000 is also very frequently used.

Protocol: IRC/SSL
· Port (TCP/UDP): 994 (TCP)
· Description: IRC (or Chat) over SSL. IRC or IRCX over SSL is not
supported in Exchange 2000.

Protocol: X.400
· Port (TCP/UDP): 102 (TCP)
· Description: ITU-T Recommendation X.400 is really a series of
recommendations for what an electronic message handling system (MHS)
should look like. TCP port 102 is defined in IETF RFC-1006, which
describes OSI communications over a TCP/IP network. In brief, TCP port
102 is the port that the Exchange message transfer agent (MTA) uses to
communicate with other X.400-capable MTAs.

Protocol: MS-RPC
· Port (TCP/UDP): 135 (TCP)
· Description: Microsoft Remote Procedure Call is a Microsoft
implementation of remote procedure calls (RPCs). TCP port 135 is
actually only the RPC Locator Service, which is like the registrar for
all RPC-enabled services that run on a particular server. In Exchange
2000, the Routing Group Connector uses RPC instead of SMTP when the
target bridgehead server is running Exchange 5.5. Also, some
administrative operations require RPC. To configure a firewall to
enable RPC traffic, many more ports than just 135 must be enabled.

Protocol: T.120
· Port (TCP/UDP): 1503 (TCP)
· Description: ITU-T Recommendation T.120 is a series of
recommendations that define data conferencing. Data conferencing is
implemented on the server side as a Conferencing Technology Provider
(CTP) in the Multipoint Control Unit (MCU), which is one component of
the Exchange Conferencing Services (ECS). Data conferencing is
implemented on the client side as Chat, Application Sharing,
Whiteboard, and File Transferring in Microsoft NetMeeting.

Protocol: ULS
· Port (TCP/UDP): 522 (TCP)
· Description: User Locator Service is a type of Internet directory
service for conferencing clients, such as NetMeeting. Exchange 2000
Server and Exchange 2000 Conferencing Server do not implement a ULS,
but rather take advantage of Active Directory for directory services
(by TCP port 389).

Protocol: H.323 (Video)
· Port (TCP/UDP): 1720 (TCP)
· Description: ITU-T Recommendation H.323 defines multimedia
conferencing. TCP port 1720 is the H.323 (video) call setup port.
After a client connects, the H.323 server negotiates a new, dynamic
UDP port to be used for streaming data.

Protocol: Audio
· Port (TCP/UDP): 1731 (TCP)
· Description: Audio conferencing is enabled in much the same way as
H.323 video conferencing is enabled in Exchange 2000 Server. After
clients connect to TCP port 1731, a new dynamic port is negotiated for
further streaming data.

Protocol: DNS
· Port (TCP/UDP): 53 (TCP)
· Description: Domain Name System (DNS) is at the heart of all of the
services and functions of Windows 2000 Active Directory and Exchange
2000 Server. You cannot underestimate the impact that a DNS issue can
have on the system. Therefore, when service issues arise, it is always
good to verify proper name resolution.


Information Store: TCP 135 inbound, TCP 6001 inbound when using RPC
over HTTP.

Exchange System Attendant: TCP 135 inbound, TCP 6002-6004 inbound when
using RPC over HTTP.

Exchange Routing Engine: TCP 691 inbound and outbound.

WWW Service (OWA): TCP 80 inbound, TCP 443 inbound
when using SSL; TCP 80 outbound when HTTP is used for front-end to
back-end server communication.

SMTP: TCP 25 inbound and outbound. Remember, even with
POP3 clients, messages are still sent with SMTP.

POP3 (disabled by default): TCP 110 inbound; TCP 995 inbound when
using SSL; TCP 110 outbound when POP3 is used for front-end to
back-end server communication.

IMAP4 (disabled by default): TCP 143 inbound; TCP 993 inbound when
using SSL; TCP 443 outbound when IMAP4 is used for front-end to
back-end server communication.

NNTP (disabled by default): TCP 119 inbound; TCP 563 inbound when
using SSL; TCP 119 outbound (TCP 563 outbound for SSL) is needed for
servers that push news content to other servers.

ActiveSync: UDP 2883 outbound on the front-end server.

LDAP: TCP 3268. Used by Exchange to communicate with the domain's
Global Catalog servers.

regards
Mohan k
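
An added example, not part of the original post: a small audit that reads `netstat -an` output from an Exchange server and compares the listening TCP ports with the list above, flagging cleartext ports whose SSL counterpart is not listening, services the post marks as disabled by default, and ports the post does not list. The function names and the sample `netstat` output are constructed for illustration.

```python
import re

# Cleartext port -> SSL port, as paired in the post. SMTP (25) has no entry:
# per the post, Exchange 2000 secures SMTP in-band with TLS, not on a second port.
SSL_PAIR = {389: 636, 3268: 3269, 143: 993, 110: 995, 119: 563, 80: 443}
# Remaining TCP ports named in the post (protocol list and per-service list).
OTHER_LISTED = {25, 53, 102, 135, 379, 390, 465, 522, 691, 994, 1503, 1720,
                1731, 6667, 6001, 6002, 6003, 6004}
# Services the post marks "disabled by default", cleartext and SSL ports.
DISABLED_BY_DEFAULT = {110: "POP3", 995: "POP3", 143: "IMAP4", 993: "IMAP4",
                       119: "NNTP", 563: "NNTP"}
LISTEN_RE = re.compile(r"^\s*TCP\s+\S+:(\d+)\s+\S+\s+LISTENING\s*$", re.I)

def listening_ports(netstat_text):
    """Return the set of TCP ports in LISTENING state (IPv4 or IPv6 rows)."""
    hits = (LISTEN_RE.match(line) for line in netstat_text.splitlines())
    return {int(m.group(1)) for m in hits if m}

def audit(netstat_text):
    """Classify listening ports against the port list in the post."""
    ports = listening_ports(netstat_text)
    known = set(SSL_PAIR) | set(SSL_PAIR.values()) | OTHER_LISTED
    return {
        "cleartext_only": sorted(p for p in ports
                                 if p in SSL_PAIR and SSL_PAIR[p] not in ports),
        "disabled_by_default_listening": sorted(ports & set(DISABLED_BY_DEFAULT)),
        "not_in_list": sorted(ports - known),
    }

# Constructed sample in Windows `netstat -an` layout (addresses are documentation ranges).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:25             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:110            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    [::]:443               [::]:0                 LISTENING
  TCP    0.0.0.0:691            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3268           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING
  TCP    192.0.2.10:25          192.0.2.77:51234       ESTABLISHED
  UDP    0.0.0.0:53             *:*
"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```

On the sample, POP3 and the global catalog are reachable only in cleartext, POP3 is running although the post lists it as disabled by default, and 8081 needs an owner identified before any firewall rule is written for it.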
