|
|
|
date: Sun, 27 Apr 2008 03:29:49 +0800,
group: microsoft.public.exchange.misc
back
Re: Firewall Ports Require behind firewall port
Only ports necessary to open inbound for Exchange is 25 SMTP and 443 SSL.
As for your user having issues, what DNS server is he/she using for his VPN
connection? It should be the DNS Server at the Office as he/she needs to
resolve the Exchange Server by FQDN. If it were me, I would configure the
user for RPC over HTTPs for his Outlook 2003 connection as there is no need
for VPN. See,
http://www.msexchange.org/tutorials/outlookrpchttp.html
--
John Oliver, Jr
MCSE, MCT, CCNA
Exchange MVP 2008
Microsoft Certified Partner
"news.microsoft.com" wrote in message
news:eOCNUhDqIHA.1872@TK2MSFTNGP04.phx.gbl...
> have an a single exchange 2003 box sitting behind the firewall.This is
> the only mail and AD server.
>
> I recently configure my user with VPN access.
>
> I have problem getting the user outlook 2003 client connected to my
> exchange
> server via exchange method(Mapi) through the VPN session. There iis no
> problem at all when connnting internally.
>
> I know this is the firewall port issue, as when I allow all service ports
> to
> allow through the vpn session to my exchnage erver , it will have no
> problem
> at all
>
> As I need to fine tune my firewall to close up all unnessary ports.
>
> can someone able to let me know the minimum port require to open out for
> outlook to connect to exchange server behind the firewall.
>
>
>
date: Mon, 28 Apr 2008 23:20:16 -0400
author: John Oliver, Jr. [MVP]
Re: Firewall Ports Require behind firewall port
Dear John,
I pointed the DNS server of my VPN session to my Internal Lan DNS server
which happen also to be my DNS.
Isn't port 25 only for smtp connection, how about in mapi connection ?
"John Oliver, Jr. [MVP]" wrote in message
news:%23NgqzfaqIHA.4112@TK2MSFTNGP03.phx.gbl...
> Only ports necessary to open inbound for Exchange is 25 SMTP and 443 SSL.
> As for your user having issues, what DNS server is he/she using for his
> VPN connection? It should be the DNS Server at the Office as he/she needs
> to resolve the Exchange Server by FQDN. If it were me, I would configure
> the user for RPC over HTTPs for his Outlook 2003 connection as there is no
> need for VPN. See,
>
> http://www.msexchange.org/tutorials/outlookrpchttp.html
>
> --
> John Oliver, Jr
> MCSE, MCT, CCNA
> Exchange MVP 2008
> Microsoft Certified Partner
>
> "news.microsoft.com" wrote in message
> news:eOCNUhDqIHA.1872@TK2MSFTNGP04.phx.gbl...
>> have an a single exchange 2003 box sitting behind the firewall.This is
>> the only mail and AD server.
>>
>> I recently configure my user with VPN access.
>>
>> I have problem getting the user outlook 2003 client connected to my
>> exchange
>> server via exchange method(Mapi) through the VPN session. There iis no
>> problem at all when connnting internally.
>>
>> I know this is the firewall port issue, as when I allow all service ports
>> to
>> allow through the vpn session to my exchnage erver , it will have no
>> problem
>> at all
>>
>> As I need to fine tune my firewall to close up all unnessary ports.
>>
>> can someone able to let me know the minimum port require to open out for
>> outlook to connect to exchange server behind the firewall.
>>
>>
>>
>
date: Thu, 1 May 2008 18:04:50 +0800
author: news.microsoft.com
Re: Firewall Ports Require behind firewall port
You are not understanding this fully so I will explain further, only ports
that should be open on your Firewall to your Exchange Server is port 25 and
443. VPN has nothing to do with this. If you decided to have remote VPN
Clients connect to your LAN to use Outlook then your VPN tunnel should be
passing all traffic so the clients will connect with RPC, similar to local
Outlook Clients on your LAN. If this is working properly you should be able
to ping your Exchange Server by FQDN and get a reply. As I suggested in my
last post, you can eliminate the VPN Client all together if you implement
RPC over HTTPs.
--
John Oliver, Jr
MCSE, MCT, CCNA
Exchange MVP 2008
Microsoft Certified Partner
"news.microsoft.com" wrote in message
news:uiZP8c9qIHA.3408@TK2MSFTNGP03.phx.gbl...
> Dear John,
>
> I pointed the DNS server of my VPN session to my Internal Lan DNS server
> which happen also to be my DNS.
>
> Isn't port 25 only for smtp connection, how about in mapi connection ?
>
> "John Oliver, Jr. [MVP]" wrote in message
> news:%23NgqzfaqIHA.4112@TK2MSFTNGP03.phx.gbl...
>> Only ports necessary to open inbound for Exchange is 25 SMTP and 443 SSL.
>> As for your user having issues, what DNS server is he/she using for his
>> VPN connection? It should be the DNS Server at the Office as he/she
>> needs to resolve the Exchange Server by FQDN. If it were me, I would
>> configure the user for RPC over HTTPs for his Outlook 2003 connection as
>> there is no need for VPN. See,
>>
>> http://www.msexchange.org/tutorials/outlookrpchttp.html
>>
>> --
>> John Oliver, Jr
>> MCSE, MCT, CCNA
>> Exchange MVP 2008
>> Microsoft Certified Partner
>>
>> "news.microsoft.com" wrote in message
>> news:eOCNUhDqIHA.1872@TK2MSFTNGP04.phx.gbl...
>>> have an a single exchange 2003 box sitting behind the firewall.This is
>>> the only mail and AD server.
>>>
>>> I recently configure my user with VPN access.
>>>
>>> I have problem getting the user outlook 2003 client connected to my
>>> exchange
>>> server via exchange method(Mapi) through the VPN session. There iis no
>>> problem at all when connnting internally.
>>>
>>> I know this is the firewall port issue, as when I allow all service
>>> ports to
>>> allow through the vpn session to my exchnage erver , it will have no
>>> problem
>>> at all
>>>
>>> As I need to fine tune my firewall to close up all unnessary ports.
>>>
>>> can someone able to let me know the minimum port require to open out
>>> for
>>> outlook to connect to exchange server behind the firewall.
>>>
>>>
>>>
>>
>
>
date: Sat, 3 May 2008 20:45:31 -0400
author: John Oliver, Jr. [MVP]
|
|
