Ports for OWA from DMZ to Inside
We are running our OWA (front-end Exchange 2003 server) on VMware ESX hosts. Last night one of our hosts went down and the OWA server also went down. When it came back up, we couldn't connect to OWA. After investigating, we found that the Microsoft Exchange System Attendant service wasn't started and it wouldn't start when we tried it manually. The errors below were in the event logs. I was, however, able to ping our domain controllers/GCs (2008R2 domain). The OWA server is in the DMZ and the ports to the inside that are open are 135, 3268, 389, 445, 691, 88, 53, and 80. As I was watching the firewall logs, I saw that ports 49155/49158 are being blocked from OWA to the DCs. I just opened all TCP/UDP from OWA to our DCs and Exchange server and now it's working. This doesn't really make any sense because it was working before the server failure and no firewall changes were made. I'm trying to figure out what the 49155/49158 ports are and what ports are necessary for communication from a front-end OWA server in the DMZ to DCs and Exchange on the inside network. Thanks a lot.

Process INETINFO.EXE (PID=1424). All the DS Servers in domain are not responding.
Unexpected error The specified domain either does not exist or could not be contacted. Facility: Win32 ID no: c007054b Microsoft Exchange System Attendant occurred.
June 23rd, 2010 8:32pm

It might be RPC since it uses random ports above 1024. You can find a list of ports here: http://technet.microsoft.com/en-us/library/aa997436(EXCHG.65).aspx
Martin Sundström | Microsoft Certified Trainer | MCITP: Enterprise Messaging Administrator 2007/2010 | http://msundis.wordpress.com
June 23rd, 2010 9:52pm

I thought RPC was port 135. If it uses random ports, how can you tighten up your firewall if you don't know what ports it will use?
June 23rd, 2010 9:59pm

There is also the option to: (Optional) To limit RPCs across the intranet firewall, edit the registry on servers in the intranet to specify RPC traffic to a specific non-random port. Then, open the appropriate ports on the internal firewall:
TCP port 135 – RPC endpoint mapper
TCP port 1600 (example) – RPC service port
Found in the document I posted before.
Martin Sundström | Microsoft Certified Trainer | MCITP: Enterprise Messaging Administrator 2007/2010 | http://msundis.wordpress.com
June 23rd, 2010 11:37pm

On Wed, 23 Jun 2010 18:59:39 +0000, scottyp55 wrote:
>I thought RPC was port 135. If it uses random ports, how can you tighten up your firewall if you don't know what ports it will use?

A client wishing to discover if a machine offers a service contacts that server on port 135. The server responds by telling the client the port number the requested service listens on. That port is above port 1024. The real answer to this is, of course, to move the Exchange Front-End servers out of the DMZ and onto your LAN (where they belong). If you have a security policy that prohibits connections from the Internet to the LAN you can use ISA in the DMZ and publish the URLs from there.
--- Rich Matheisen MCSE+I, Exchange MVP
June 24th, 2010 4:24am
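The endpoint-mapper sequence Rich describes (a lookup on TCP 135, then a connection to whatever port the server handed back) is what shows up in the original poster's firewall log as blocked 49155/49158. As an added example that is not part of this thread, the Python below scans constructed firewall log lines for exactly that pattern from DMZ hosts to internal hosts; it assumes the Windows Server 2008 default dynamic port range (49152-65535, which the thread does not state) and a simple space-separated log format, both of which are assumptions rather than anything from the posts.

```python
import re
from collections import defaultdict

# Assumption: DCs use the Windows Server 2008 default dynamic port range,
# not a registry-pinned port as in Martin's "TCP port 1600 (example)" option.
# The RPC endpoint mapper on TCP 135 returns a port from this range.
DYNAMIC_RANGE = (49152, 65535)
RPC_ENDPOINT_MAPPER = 135

# Constructed sample firewall log (timestamp action proto src dst dport),
# not taken from the thread. 10.1.1.5 plays the DMZ OWA server.
SAMPLE_LOG = """\
2010-06-23 02:11:04 ALLOW TCP 10.1.1.5 192.168.0.10 135
2010-06-23 02:11:05 DENY TCP 10.1.1.5 192.168.0.10 49155
2010-06-23 02:11:05 ALLOW TCP 10.1.1.5 192.168.0.11 135
2010-06-23 02:11:05 DENY TCP 10.1.1.5 192.168.0.11 49158
2010-06-23 02:11:06 ALLOW TCP 10.1.1.5 192.168.0.10 389
2010-06-23 02:11:07 DENY TCP 10.1.1.5 192.168.0.11 50000
2010-06-23 02:11:08 DENY TCP 10.1.1.5 192.168.0.12 49200
"""

LINE_RE = re.compile(r"^(\S+ \S+) (ALLOW|DENY) (TCP|UDP) (\S+) (\S+) (\d+)$")

def parse_lines(text):
    """Yield one record per well-formed line; lines that do not match are skipped."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts, action, proto, src, dst, dport = m.groups()
            yield {"ts": ts, "action": action, "proto": proto,
                   "src": src, "dst": dst, "dport": int(dport)}

def flag_rpc_denies(text, dmz_hosts, internal_hosts):
    """Map (src, dst) -> sorted denied TCP ports in the dynamic range, but only
    for pairs that were earlier allowed to TCP 135: a successful endpoint-mapper
    lookup followed by a blocked follow-up connection is the RPC signature."""
    mapper_seen = set()
    flagged = defaultdict(set)
    lo, hi = DYNAMIC_RANGE
    for rec in parse_lines(text):
        pair = (rec["src"], rec["dst"])
        if rec["proto"] != "TCP" or pair[0] not in dmz_hosts or pair[1] not in internal_hosts:
            continue
        if rec["action"] == "ALLOW" and rec["dport"] == RPC_ENDPOINT_MAPPER:
            mapper_seen.add(pair)
        elif rec["action"] == "DENY" and lo <= rec["dport"] <= hi and pair in mapper_seen:
            flagged[pair].add(rec["dport"])
    return {pair: sorted(ports) for pair, ports in flagged.items()}

if __name__ == "__main__":
    hits = flag_rpc_denies(SAMPLE_LOG, {"10.1.1.5"}, {"192.168.0.10", "192.168.0.11", "192.168.0.12"})
    for (src, dst), ports in hits.items():
        print(f"{src} -> {dst}: dynamic RPC ports {ports} denied after an allowed 135 lookup")
```

The deny to 192.168.0.12 is deliberately left unflagged because no 135 lookup preceded it, so the same high-port block has a different cause and needs separate investigation.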
